O

OnePlus confirms credit card breach and affects 40,000 customers as a result

by Hamza Khalid
OnePlus confirms credit card breach and affects 40,000 customers as a result

OnePlus learned from several of its customers that there were fraudulent charges appearing on their credit card cards and fingers were being pointed to the company itself. This led to the smartphone maker disabling support for credit card payments and launched an immediate investigation into what happened.

The preliminary results are in and you’re not going to like them. In a statement today, the company said that credit card information belonging to up to 40,000 customers was captured by a malicious actor between November 2017 and mid-January 2018. Right now, there was no details as to what the malicious actor was, but investigation is still ongoing.

The company hasn’t confirmed the number of customers whose captured payment information has been used for fraudulent purposes. The company further notes that a “small portion” of its customer base has been affected. This information is not likely to consolidate people that have been involved in this breach.

OnePlus is continuing to work with law enforcement. As a result of this breach, the company said that it will be offering a year of free credit monitoring to all affected users. But the real question is, how did this exactly happen?

According to a company spokesperson, a malicious actor had gained access to one of the company servers and injected a script that captured customer credit card information as it was being typed into the site’s payment form. Many believed that OnePlus’ payment processor was to blame for the breach, it now appears that the credit card payment system was working as it was supposed to. The information was being processed as required, being encrypted and transmitted to the company’s payment processor, but the issue started where the malicious script seized a window of opportunity and captured the information before it was encrypted and sent off.

Customers that paid via PayPal have not been affected by the breach, so it’s safe to say that you’re fine. Customers who paid with previously saved credit card information should not be impacted because the information wasn’t put in manually, but we highly recommend everyone keep an eye on your credit card statements.

CategoriesCybersecurity OnePlus Tech
Tags
Hamza Khalid

Hamza Khalid is the Lead Editor at The Jolt Journal. You're more than welcome to follow him on Twitter and follow The Jolt Journal on Twitter and Facebook. If you have any questions, concerns, or need to report something in this article, please send our team an email at [email protected]. This story may be updated at any time if new information surfaces.

At The Jolt Journal, no one tells us what to write or how to write it. This is why, in the era of lies and bias, readers turn to an independent source. Rest assured, all information on our website is free of any bias or influence. If you see anything wrong with a story, please don't hesitate to reach out. We do our very best to report on the latest available information.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.