It was recently reported that some OnePlus customers had complained about fraudulent activity on their credit cards after they had made a purchase on the company’s online store. OnePlus promised to look into the matter earlier this week and it has now confirmed that it was indeed the target of a credit card hack. The OnePlus credit card hack may have affected up to 40,000 customers, according to the company.
OnePlus explains that this happened because one of its systems was attacked. A malicious script was injected into the payment page code on its online store to steal credit card information while it was being entered. This script operated intermittently, it captured and sent data directly from the user’s browser. OnePlus has quarantined the infected service and has since eliminated this script.
The company adds that customers who entered their credit card information on oneplus.net between mid-November 2017 and January 11th, 2018 may be affected. The information that was compromised includes credit card numbers, expiry dates, and security codes. Customers who paid with a saved card should not be affected, according to OnePlus, and neither should those who paid via the Credit Card via PayPal method. Those who paid via PayPal should not have been affected as well.
OnePlus is contacting all potentially affected users via email about this development. It recommends that customers keep an eye on their card activity and report charges they don’t recognize to their bank. The company also apologizes for the entire episode.