In case you’re not aware, Pimax allows unthrottled public queries on their Check Your Order page without doing any kind of credential checks.
Once entered, the page lists your name , order details , full address , and phone number
…all in a neat pile of very much personally identifiable information essentially up for grabs with minimal effort (as in, I doxxed myself with a dozen lines of python. Just enter email and wait a minute.)
Note that changing your account details unfortunately does not affect the order details, so they’re available now and forever unless Pimax does something about it.
I have an open ticket with Pimax about the issue, but there’s not much hope there as the rep I got doesn’t seem to understand at all. ( “where you find this problem which I dont think so ?” )