OnePlus hacked; credit card info of 40,000 customers compromised
Hackers attacked the web site of smartphone manufacturer OnePlus and compromised credit card information of up to 40,000 customers, the Shenzhen, China-based company has confirmed.
In a January 19 forum post, OnePlus reveals a malicious script was injected into its payment page code after hackers successfully penetrated one of its systems. The script ran intermittently but could sniff out credit card information as it was entered.
“We are deeply sorry to announce that we have indeed been attacked, and up to 40k users at oneplus.net may be affected by the incident. We have sent out an email to all possibly affected users,” the company says.
“We cannot apologize enough for letting something like this happen. We are eternally grateful to have such a vigilant and informed community, and it pains us to let you down.”
The phone maker reveals that oneplus.net had been under attack for an extended period â€“ from mid-November 2017 to January 11, 2018. Credit card information (including card numbers, expiry dates and security codes) entered at oneplus.net during this time “may be compromised,” the company says.
Customers shopping with a “saved” credit card (i.e. who didn”t have to enter the information manually) should not be affected. The same applies to users who paid with “credit card via PayPal,” and users who paid with PayPal itself.
The threat has since been eliminated, and OnePlus has quarantined the infected server. The company is working with payment providers and local authorities to better understand how hackers infiltrated its systems. As it conducts its audit, OnePlus is also implementing “a more secure” credit card payment method.
In the meantime, customers who received OnePlus”s email about the hack are instructed to check their card statements and report any suspicious activity to their bank. Users who happen upon “potential system vulnerabilities” on the oneplus.net website are urged to report them to email@example.com.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021