This time an ‘unauthorized party’ didn’t get payment information.
Early in 2018, popular cellphone maker OnePlus revealed it had coughed up credit card information on over 40,000 users in a data breach, and now it’s informing users of another one. This time, while the website is the source of the breach, the company believes payment info is unaffected, however information exposed may include “name, contact number, email and shipping address” from orders made on its site.
Impacted users should have received an email notifying them of the incident, and should keep an eye out for possible phishing attempt used based on the stolen information. The company said in the email and an FAQ published about the situation that “we are partnering with a world-renowned security platform next month, and will launch an official bug bounty program by the end of December.”