OnePlus Confirms 40,000 Customers' Data at Risk
Jan 19, 2018, 11:17 AM by Eric M. Zeman
OnePlus today said up to 40,000 customers' credit card data may have been lifted in an attack. Earlier this week, OnePlus customers reported fraudulent activity on their credit cards after making purchases from OnePlus' web site. OnePlus says its investigation shows the company was indeed compromised. "One of our systems was attacked, and a malicious script was injected into the payment page code to sniff out credit card info while it was being entered," explained the company. "The malicious script operated intermittently, capturing and sending data directly from the user's browser. It has since been eliminated. We have quarantined the infected server and reinforced all relevant system structures." OnePlus believes people who used its web site between mid-November 2017 and January 11, 2018, may be impacted by the breach. At risk are credit card numbers along with their expiration dates and security codes. OnePlus says customers who used PayPal aren't affected. The company has emailed everyone it believes may be at risk. In the mean time, OnePlus suggests those who made purchases on OnePlus.net during the above time frame should examine their bank statements for any fraudulent charges. "We cannot apologize enough for letting something like this happen," said OnePlus. "We are working with our providers and local authorities to better address the incident. We are also working with our current payment providers to implement a more secure credit card payment method, as well as conducting an in-depth security audit. All these measures will help us prevent such incidents from happening in the future." The company thanked its customers for their understanding and its community for its continued support.
Review: OnePlus 5T
Hands On with the OnePlus 5T
OnePlus 5T and Honor 7X Now Available In Red
OnePlus Debuts Sandstone White Color for 5T
OnePlus 5T Scores OxygenOS 4.7.4 with Performance Tweaks
OnePlus 5T
Comments
No messages
