OnePlus got pwned, exposed up to 40000 users to credit card fraud

Cesar Mills
January 21, 2018

There are a potential 40,000 affected customers but all those who had saved their credit card info into OnePlus' systems before mid-November won't be affected, nor were PayPal customers.

For the time being, credit card transactions on will remain suspended until the company completes its investigation.

We have quarantined the infected server and reinforced all relevant system structures. As a result of this breach, the company said that it will be offering a year of free credit monitoring to all affected users.

OnePlus disabled the credit card payments on January 16, after receiving reports from customers that they were seeing unknown credit card charges after buying something online from OnePlus. Users can continue using PayPal.

Last week, OnePlus CEO Pete Lau told CNET that it is exploring partnerships with USA carriers, but a spokesperson confirmed that this security breach will not change anything in terms of OnePlus' online sales strategy.

For enquiries, please get in touch with our support team at The case was soon brought to OnePlus' attention following which the company had provided a statement saying that the company took information privacy extremely seriously and that the company had begun to investigate the case as a matter of urgency.

Movie about Prince Harry and Meghan Markle's romance coming to Lifetime
A palace insider told Us Weekly , "There is absolutely no pressure on the couple to have children at all ". Meanwhile, the 33-year-old prince wore a blue sweater under a navy coat with matching pants .

President Trump's Medical Exam Fuels Flurry of 'Girther' Conspiracy Theories
Dr Jackson said: "He's more enthusiastic about the diet part than the exercise part, but we're going to do both". Ronny Jackson . "It's called genetics", said Jackson.

Gunmen launch attack on hotel in Afghan capital
TOLOnews journalist Hayat Amanat reported an eyewitness saying at least 15 people had died, although this has not been verified. Captain Tom Gresback, spokesman for the NATO-led Resolute Support mission in Afghanistan said they were also watching closely.

Consumers who shopped from between October and December 2017 started reporting credit card fraud earlier this week. The company has confirmed that this script has already been removed from the web, and have isolated the affected server while reinforcing the entire security infrastructure.

Further, the article noted that the company has determined where the exploit happened and has found the point of entry for the attacker, but the investigation remains ongoing. The complainants seem to have made credit card payments directly on without involving third-party like PayPal.

OnePlus apologized for the payments breach and says it's "eternally grateful" to the community for identifying a pattern of fraudulent payments. The code ran intermittently over the coming weeks until credit card payments were shut off on January 11th, 2018.

The company said that the issue affects some of its customers that have shopped online at may be affected by the incident. "We are working with our providers and local authorities to address the incident better".

OnePlus is still working on the situation from every angle, especially with implementing a more secure online storefront in the future.

Other reports by GizPress

Discuss This Article