OnePlus data breach exposes emails, phone numbers and addresses

Some Canadians' data was exposed by the breach

Some OnePlus customers received emails warning of a potential database breach.

According to the message, parts of customers’ order information “was accessed by an unauthorized party.” Further, the message says that name, contact number, email and shipping address data may have been exposed, but that payment information, password and account details were not.

“We took immediate steps to stop the intruder and reinforce security,” the email read. Additionally, OnePlus sent the following statement to Android Central, which mirrors the wording of the email.

OnePlus has notified impacted users that we have discovered that some of their order information was accessed by an unauthorized party. We can confirm that all payment information, passwords and accounts are safe, but certain users’ name, contact number, email and shipping address may have been exposed.

We took immediate steps to stop the intruder and reinforce security. Before making this public, we informed our impacted users by email. Right now, we are working with the relevant authorities to further investigate this incident.

We are deeply sorry about this, and are committed to doing everything in our power to prevent further such incidents. For more information, please visit the forums.

OnePlus didn’t include details about how many people were affected. MobileSyrup has received some reports of Canadians involved in the breach. OnePlus also didn’t reveal how far back into its history the breach goes.

Android Central reports two people at its office received the email, one of which hasn’t used the OnePlus store since buying the OnePlus 6 in mid-2018.

Worse, this isn’t the first time OnePlus has suffered a breach. In January 2018, a malicious script added to its online store’s payment code scraped the credit and debit card data of some 40,000 users.

OnePlus customers can learn more about the breach on the company’s community forum.

Update 11/22/2019 at 7:54pm: Updated the story with details about some Canadians being affected by the breach.

Source: Android Central