Fairphone data leak

Just got this email:

Dear Participants,

We are reaching out to inform you of an issue regarding a form you completed on Fairphone forum between March 3rd and March 4th. This form was part of our beta testing survey, titled “Beta Tester Application.” Due to a misconfiguration, participants who completed the questionnaire were able to view responses from others. We identified this issue on March 4th at 4:00 PM and immediately took action to close access and secure the data.

This issue affected 24 participants, including you. No one outside this group had access. The information that was exposed includes:

  • your name (if provided)
  • forum username (if provided)
  • email address
  • home address
  • phone ownership status
  • telecom operator
  • and IMEI number (if provided).

Upon discovery, we promptly:

  • Restricted access to the form responses
  • Corrected the misconfiguration
  • Conducted a review of the incident
  • Implemented additional security measures to prevent recurrence

At this time, we have no indication that any data has been misused. However, as a precaution, we advise you to remain vigilant for any unsolicited emails and messages requesting personal information, suspicious links, or other unusual activity.

If you have any questions or concerns, please reach out to us at privacy@fairphone.com. We sincerely apologize for this incident and deeply appreciate your understanding. We are truly sorry for having failed to meet your expectations and for any breach of trust that may have occurred. We view this as a priceless lesson and are determined to learn from it. Moving forward, we will strive to regain your trust through more prudent and careful data collection practices.

Protecting your data remains our utmost priority, and we are fully committed to strengthening our security measures to ensure that such incidents do not recur. Thank you for your continued support and patience as we work to improve.

Best regards,

Fairphone Privacy Team

10 Likes

Fairphone also used reply to all, so now every person that this email was sent to has everyone else's email address too :man_facepalming:

16 Likes

So … 2 data leaks.

10 Likes

Doesn’t seem like 2 data leaks

2 Likes

How can they make a rookie mistake like this??

2 Likes

Too many people working on marketing (rebranding, new logo, …) - too few people working on development, IT infrastructure, …

Example: Applying filter in the shop didn’t work for weeks since the rebranding.

2 Likes

The first leak is the misconfiguration, which could lead to anybody affected viewing the e-mail address of others. Not necessarily, and I would assume most probably, not everybody affected got the e-mail addresses of everybody affected this way.

The second leak is the handing out of the e-mail addresses of everybody affected to everybody affected for good.

2 most probably different levels of exposure, but 2 clearly different wrongdoings.

11 Likes

“anybody affected” being limited to… only 24 participants.

1 Like

And none of them gave explicit permission to share their email addresses with the others, as far as I know. Still a leak.

7 Likes

What’s the threshold from which on it isn’t “only”, and who decides this threshold?

2 Likes

I find it much less harmful to leak my data to “only” 24 persons, beta testers like me.

1 Like

Hi all,

Between March 3rd and 4th, 2025, a misconfiguration in our beta testing survey allowed participants to view responses from other testers. We identified the issue on March 4th and immediately took action to secure the data. In total, 24 participants were affected. As soon as we became aware, we:

  • Restricted access to the form responses
  • Corrected the misconfiguration
  • Reviewed the incident to understand what went wrong
  • Implemented additional security measures to prevent this from happening again

On March 7th, 2025 we notified affected users about the data incident. Unfortunately, their email addresses were mistakenly included in the CC field. We immediately apologised and asked recipients to delete the email to prevent further exposure. We have reported these incidents to the relevant Data Protection Authorities within the required time frame as mandated by applicable data protection laws. At this time, there are no indications of additional impact.

We sincerely apologise to the forum members affected by this incident. Protecting Fairphone’s community’s data is a highly important responsibility. We are committed to learning from it and will be continuously improving our data protection practices to ensure careful and secure handling of user information going forward.

Thanks,
Ioiana

15 Likes

The data has been used for a scam already. I used a single-use contact address for Fairphone orders and received this email, using this address with correct prename and language.

5 Likes

Thanks for the transparency! These things can happen…

I also have a single-use contact address (Proton mail / passmail)… and didn’t receive anything.

Just a passing comment.

The data leak in this topic isn’t about the shop system … yet.

@Ioiana_Luncheon … please see @Andersterer’s post above and contact them for specifics.

2 Likes

Hi @Andersterer,

Thank you for flagging this with us. We will prioritize investigating the issue at our end.

To support our investigation, we would be grateful if you could reach out to support@fairphone.com with any more information you might be able to provide regarding this. While we will take all available steps to resolve the issue, the information you provide will be crucial to ensure a thorough review. Our privacy team will immediately open a high-priority ticket for you.

We will really appreciate your cooperation in this matter. Once again, thank you for bringing this to our attention—we’re committed to resolving it as quickly as possible.

Thanks,

Ioiana

6 Likes

I didn’t notice any of this.
Once again, Fairphone’s management is doing a “good” job of drawing the attention of customers and potential customers who are registered in the forum and advising them to change their password as soon as possible.

Top Fairphone.

These things can happen

Of course such things can happen. However, you should be open and inform users as quickly as possible and recommend that they change their access data.
Just like a model company normally does.

None of this has happened.

So you were affected and you were not informed like all the others?

I’ll do so. But honestly I don’t know how I could help with anything but the information I gave above.

1 Like