Technical / Second data breach revealed by OnePlus in 2 years

OnePlus has disclosed a second data breach in 2 years which was discovered last week. In a statement, the company said an "unauthorised party" accessed some customers' order information like name, address, contact and email, but their password and payment information were unaffected. The company added an email was sent to those affected notifying them of the incident.

Engadget : Nov 24, 2019, 10:45 AM
Early in 2018, popular cellphone maker OnePlus revealed it had coughed up credit card information on over 40,000 users in a data breach, and now it's informing users of another one. This time, while the website is the source of the breach, the company believes payment info is unaffected, however information exposed may include "name, contact number, email and shipping address" from orders made on its site.

Impacted users should have received an email notifying them of the incident, and should keep an eye out for possible phishing attempt used based on the stolen information. The company said in the email and an FAQ published about the situation that "we are partnering with a world-renowned security platform next month, and will launch an official bug bounty program by the end of December."