OnePlus got pwned, exposed up to 40000 users to credit card fraud

Cesar Mills
January 21, 2018

There are a potential 40,000 affected customers but all those who had saved their credit card info into OnePlus' systems before mid-November won't be affected, nor were PayPal customers.

For the time being, credit card transactions on OnePlus.net will remain suspended until the company completes its investigation.

We have quarantined the infected server and reinforced all relevant system structures. As a result of this breach, the company said that it will be offering a year of free credit monitoring to all affected users.

OnePlus disabled the credit card payments on January 16, after receiving reports from customers that they were seeing unknown credit card charges after buying something online from OnePlus. Users can continue using PayPal.

Last week, OnePlus CEO Pete Lau told CNET that it is exploring partnerships with USA carriers, but a spokesperson confirmed that this security breach will not change anything in terms of OnePlus' online sales strategy.

For enquiries, please get in touch with our support team at https://oneplus.net/support. The case was soon brought to OnePlus' attention following which the company had provided a statement saying that the company took information privacy extremely seriously and that the company had begun to investigate the case as a matter of urgency.

Americans engaged with Russian 'troll' tweets in 2016 election
Twitter has also revised up the total number of Russia-linked accounts it uncovered since its testimony to Congress in the fall . More than 50,000 Russian-linked automated accounts tweeted about the presidential election.

Kim and Kanye choose Chicago for their new baby's name
Kim Kardashian and Kanye West just welcomed their third child via surrogate, and fans can't wait to get a glimpse of the baby. Their surrogate was discussed on reality show Keeping up with the Kardashians , but her identity was not revealed. "I love it.

Your Artwork Selfie: The Google App Everybody Downloaded
The Arts & Culture app does tell users that it scans their face and consent must first be given before the feature will work. Using artificial intelligence, after you take a photo, the app matches your facial features with a famous painting.

Consumers who shopped from oneplus.net between October and December 2017 started reporting credit card fraud earlier this week. The company has confirmed that this script has already been removed from the web, and have isolated the affected server while reinforcing the entire security infrastructure.

Further, the article noted that the company has determined where the exploit happened and has found the point of entry for the attacker, but the investigation remains ongoing. The complainants seem to have made credit card payments directly on oneplus.net without involving third-party like PayPal.

OnePlus apologized for the payments breach and says it's "eternally grateful" to the community for identifying a pattern of fraudulent payments. The code ran intermittently over the coming weeks until credit card payments were shut off on January 11th, 2018.

The company said that the issue affects some of its customers that have shopped online at oneplus.net may be affected by the incident. "We are working with our providers and local authorities to address the incident better".

OnePlus is still working on the situation from every angle, especially with implementing a more secure online storefront in the future.

Other reports by GizPress

Discuss This Article

FOLLOW OUR NEWSPAPER