OnePlus Notifies Customers of Data Breach Impacting Users of Its Online Store

OnePlus has sent out an email informing recent OnePlus customers of a security issue. “This ‘Security Notification’ from OnePlus informs customers that an ‘unauthorized party’ was able to access order information from the company’s online store,” reports 9to5Google. “OnePlus says that payment information as well as account details were not accessed, but names, addresses, emails, and phone numbers ‘may’ have been exposed. The company says it will continue to investigate the matter, but obviously this is no small issue.” From the report: Speaking to Droid-Life, OnePlus says that they took “immediate steps to stop the intruder and reinforce security,” and that they are currently “working with the relevant authorities to further investigate this incident.” OnePlus didn’t explain what went wrong, but they are apparently working to start a bug bounty program by the end of this year.

This isn’t the first time the company’s store has fallen victim to a security issue like this. In early 2018, OnePlus customers found evidence of credit card fraud stemming from the Store that triggered OnePlus to shut down credit card payments temporarily. Just a day later, OnePlus’ investigation into the matter revealed that 40,000 credit card numbers had been exposed.

OnePlus has a thread on its forums with more details about the breach.