Skip to main content

OnePlus customer data stolen in second data breach in two years

Andy Boxall/Digitaltrends

Phone company OnePlus has suffered another data breach, with an undisclosed number of customer names, contact numbers, email addresses, and shipping addresses stolen by an unnamed hacker or group.

Recommended Videos

This comes less than two years after up to 40,000 customers’ private information was stolen from OnePlus, leading to credit card fraud using customers’ details. In this case, the breach only came to light when the issue of credit card fraud was raised by a user on the OnePlus forums. An investigation subsequently discovered a malicious script had been gobbling up customer credit card details when they were entered into the OnePlus website.

It’s not clear what the cause of this latest breach was. The company has only said that “our security team discovered that some of our users’ order information was accessed by an unauthorized party.” It has also notably failed to disclose how many customers could be affected.

OnePlus says it has informed all customers affected by the breach via email, but that no additional action is required on their part. The company does warn, however, that they “may receive spam and phishing emails as a result of this incident.” If you are a OnePlus customer but have not received an email, the company says that your information is safe. It’s still a good idea to go and update your password though, just in case.

To prevent similar breaches happening in the future, OnePlus says it is making a security check of its systems. “We’ve inspected our website thoroughly to ensure that there are no similar security flaws,” a OnePlus staff member wrote on the company’s forums. “We are continually upgrading our security program — we are partnering with a world-renowned security platform next month, and will launch an official bug bounty program by the end of December.”

This will be a frustration for users, however, with this breach coming so close on the heels of the last one. Many customers on the forums expressed annoyance that this was happening again, with their data being vulnerable due to poor security. Additionally, the announcement that the company is waiting until next month to update its security practices raised some eyebrows. Given the possible severity of the breach, many customers expected more immediate action.

Georgina Torbet
Georgina has been the space writer at Digital Trends space writer for six years, covering human space exploration, planetary…
Have one of these OnePlus phones? You can now download Android 15
OnePlus Open in Emerald Dusk open showing inner display flat.

The wait for Android 15 is over for some owners of some OnePlus devices. With Android 15 Beta 2 expected to launch today, OnePlus is rolling out the Android 15 Beta 1 for owners of the OnePlus 12 and OnePlus Open. Now, keep in mind that this is still a beta, meaning it’s intended for developers and advanced users, and there are still several known issues and bugs.

The update will roll out globally and needs to be manually installed. We highly recommend following the steps OnePlus has laid out in its forum post and backing up the data on your phone since there is a risk of bricking. To upgrade, you’ll need to be running Android 14.0.0.610 and below; versions above it can’t be upgraded without rolling back.

Read more
A data breach can cost millions of dollars — and you might be paying it
A dark mystery hand typing on a laptop computer at night.

According to a recent report from IBM Security, data breach costs are constantly on the rise. Unfortunately, this spells bad news not just for the companies involved, but also for the customers -- in more ways than one.

The report, which states that an average data breach is now estimated to cost $4.4 million, exposes the fact that the skyrocketing costs of data breaches directly affect the prices paid by the end customer.

Read more
Personal data of 69 million Neopets users is now up for sale after a data breach
Person typing on a computer keyboard.

Neopets, an aged website that lets users keep virtual pets and take care of them, just suffered a major data breach. Aside from the personal data of over 69 million users, the hacker was able to obtain the website's source code.

This isn't the first time Neopets has faced a massive leak, but this time around, user data is currently being sold for crypto -- and the leak includes more than just usernames and passwords.

Read more