Earlier this week, we came across reports from OnePlus customers about fraudulent activity with their credit cards after they made a purchase from OnePlus’ official website oneplus.net. As soon as these reports surfaced, OnePlus swung into action and started their investigation. The company two days ago also disabled credit card payments on their website to prevent any further inconvenience to its customers. Now, OnePlus is almost done with its investigation, and, has admitted that up to 40,000 customers are affected by this credit card security breach on their website.
While detailing its findings in a post on its official forums, OnePlus revealed that up to 40,000 customers who made a payment using their credit cards have been affected. The company has said that they have also sent out emails to those who are possibly affected.
Moreover, OnePlus has also revealed that their systems were attacked by a malicious script which was injected into the code of their payment page to steal credit card information directly from the user’s browser.
That malicious script has been removed and the company says that infected server has also been quarantined. If you happen to have made a purchase from oneplus.net using a credit card between mid-November 2017 and January 11, 2018, then you may be affected by this security breach. Hence, you are advised to check your bank statements immediately and get in touch with your bank if you notice anything suspicious.
Having said that, those users who paid using a saved credit card or via PayPal during the aforementioned time period need not worry much about this security breach.
“We cannot apologize enough for letting something like this happen. We are eternally grateful to have such a vigilant and informed community, and it pains us to let you down. We are in contact with potentially affected customers. We are working with our providers and local authorities to better address the incident. We are also working with our current payment providers to implement a more secure credit card payment method, as well as conducting an in-depth security audit. All these measures will help us prevent such incidents from happening in the future.” said OnePlus.