OnePlus Confirms Over 40,000 Users Hit By Credit Card Breach

The popular smartphone brand has admitted to lapse in its payment page that could have revealed user details. 

S Aadeetya
Tech News
Published:
OnePlus has confirmed that hackers were able to access payment details of its users. 
i
OnePlus has confirmed that hackers were able to access payment details of its users. 
(Photo: The Quint)

advertisement

After various reports emerged about a massive data breach at OnePlus, the company has finally admitted to the incident and apologised to over 40,000 of its users for the incident.

Apparently, hackers were able to access credit card information, which was first reported by one of OnePlus customer, who claimed that someone else had brought items with his card online.

The company has spoken in detail about the matter on its forum, and here’s everything you need to know about this breach.

We are deeply sorry to announce that we have indeed been attacked, and up to 40k users at oneplus.net may be affected by the incident. We have sent out an email to all possibly affected users.
<a href="https://forums.oneplus.net/threads/jan-19-update-an-update-on-credit-card-security.752415/">OnePlus Forum</a>

What Data was Breached?

According to OnePlus, one of their systems was attacked, and a malicious script was injected into the payment page code, which managed to retrieve credit card details while it was being entered by the user.

The company claims that after doing its investigation on matter, they have quarantined the infected server and reinforced all relevant system structures.

ADVERTISEMENT
ADVERTISEMENT

Who’s Hit due to the Data Breach?

While OnePlus has sold millions of units ever since its debut, the data breach seems to have affected only a certain number of users.

OnePlus has asked its users to keep a track of their recent payment history. (Photo: iStock)
Some users who entered their credit card information on oneplus.net between mid-November 2017 and 11 January 2018 may be affected. Credit card info (card numbers, expiry dates, and security codes) entered at oneplus.net during this period may be compromised.
OnePlus Forum

The company claims to have reached out to the these users via email, asking them to take precautionary measures while using the payment feature on its website. In all likelihood, they would be asked to cross-check their current bank balance or recent payment history.

For enquiries, please get in touch with our support team at <a href="https://oneplusstore.in/support">https://oneplus.net/support</a>. If you notice any potential system vulnerabilities, please report them to security@oneplus.net. This is a monitored inbox.
OnePlus Forum
Users who paid via a saved credit card or PayPal should not be affected.  

Users Not Affected:

  • Users who paid via saved credit card
  • Those who paid with “Credit Card via PayPal” method

How is OnePlus Fixing the Issue?

In addition to reaching out to the users, the company’s security team is going through an in-depth audit on the matter, looking to make sure such mishaps don’t happen in the future.

In addition, they’re also looking to secure their existing payment mechanism.

OnePlus has started auditing the matter with its security team. (Photo: The Quint)
We are working with our providers and local authorities to better address the incident. We are also working with our current payment providers to implement a more secure credit card payment method, as well as conducting an in-depth security audit. All these measures will help us prevent such incidents from happening in the future.
OnePlus Forum

Data breaches have become a regular episode nowadays, and with the growing advent of digital payment as well as online shopping, it’s crucial that all safety measures are designed to be foolproof and mishap-free.

(We Indians have much to talk about these days. But what would you tell India if you had the chance? Pick up the phone and write or record your Letter To India. Don’t be silent, tell her how you feel. Mail us your letter at lettertoindia@thequint.com. We’ll make sure India gets your message)

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: undefined

ADVERTISEMENT
SCROLL FOR NEXT