OnePlus has been investigating a potential security breach after multiple customers reported fraudulent charges following purchases made on the company’s online store.
After suspending credit card payments a few days ago, OnePlus has confirmed that a malicious script did in fact steal credit card information from up to 40,000 customers.
The company is now contacting every customer it believes may have been affected by the breach and will notify them by email.
It is currently unclear how long that will take, but all potentially affected users are expected to be alerted by the end of the week.
According to OnePlus, the attack was carried out through a “malicious script” inserted into the checkout page that accepts credit card details and passes them to the company’s payments partner. Because the script ran in the same page as that form, it could read the card data in clear text during the short window before the page handed it to the partner for encryption; that window is what gave the attackers their opportunity.
OnePlus says the script was removed once it was detected, the affected server was quarantined, and the rest of its infrastructure has been hardened in ways the company has not specified.
Paying with a previously saved card also results in a direct credit card charge, but in that case the data the page pulls is already encrypted, and the way it is used could not be compromised by the newly discovered script.
“We cannot apologize enough for letting something like this happen. We are eternally grateful to have such a vigilant and informed community, and it pains us to let you down.”
- Some users who entered their credit card info on oneplus.net between mid-November 2017 and January 11, 2018, may be affected.
- Credit card info (card numbers, expiry dates and security codes) entered at oneplus.net during this period may be compromised.
- Users who paid via a saved credit card should NOT be affected.
- Users who paid via the “Credit Card via PayPal” method should NOT be affected.
- Users who paid via PayPal should NOT be affected.
- We have contacted potentially affected users via email.