Smartphone maker OnePlus informed some of its customers today (Nov. 22) that some of their information "was accessed by an unauthorized party" who obtained customer names, email address, shipping addresses and telephone numbers.
Account information and account passwords appear to be unaffected, and credit card numbers do not seem to have been involved.
"We took immediate steps to stop the intruder and reinforce security," a OnePlus spokeswoman told Tom's Guide. "Before making this public, we informed our impacted users by email. Right now, we are working with the relevant authorities to further investigate this incident."
OnePlus announces breach, no tech details for now. Would be good to know at least if it was criminal or APT. If APT, who’d be interested in targeting a Chinese smartphone maker? 🤔 pic.twitter.com/vKU87tE0pHNovember 22, 2019
While there are dozens of people on Twitter who've reported getting such notifications, none of the three Tom's Guide staffers who use OnePlus phones got anything. All had bought their phones at least a year ago, however.
OnePlus Support's Twitter account is replying to everyone who mentions the notifications on Twitter and asking them to DM the account for more information.
In a FAQ posted on OnePlus' support forums, the company stated that "there is no additional action required on your part for now, but please be aware that you may receive spam and phishing emails as a result of this incident."
"If you don’t get an email from us today, rest assured that your order information is safe," it added.
We presume that customers who bought their OnePlus phones from carriers or retail outlets would not be affected. The company began by selling its phones online and still does so.
In January 2018, OnePlus revealed its retail website had been corrupted by credit-card stealing malware, affecting about 40,000 customers. This new breach, however, could be related to whichever company OnePlus uses to ship its phones from China.
To be honest, most people's names, email addresses, street addresses and phone numbers are publicly available, if you know where to look. The huge "data breach" making news today is made up of such information.