• Home
  • News
  • Artificial Intelligence
  • Internet of Things
  • Open Source
  • Hardware
  • Software
  • Security
  • Whitepapers
  • Data Strategy Spotlight
  • Newsletters
  • Whitepapers
    • Inqlogo 120x194
      Five things you should look for in choosing a Testing provider

      Choosing a Testing Partner can be complex.  So what do you look for?  This guide offers insight into the qualities you must look for in choosing a Testing provider.  Download now to learn more.

      Download
      Inqlogo 120x194
      Your questions answered: How to protect your data in the cloud

      The number of successful cyberattacks per year per company has increased by 46% over the last four years. But what really needs to be considered when exploring a solution? What questions need to be asked? Download to find out...

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Follow us
    • RSS
    • Twitter
    • LinkedIn
    • Newsletters
    • Facebook
    • Google+
    • YouTube
  • Newsletter
  • Industry Voice
  • Data Strategy Spotlight
The Inquirer
The Inquirer
  • Home
  • News
  • Artificial Intelligence
  • Internet of Things
  • Open Source
  • Hardware
  • Software
  • Security
  • Trending
  • MWC 2019
  • Article 13
  • AMD Radeon VII
  • Galaxy S10
  • Nvidia GTX 1660 Ti 
The Inquirer
  • Security

OnePlus admits 40,000 customers were affected by credit card breach

Investigation reveals that malicious code was injected into the firm's payment page

OnePlus admits 40,000 customers were affected by credit card breach
OnePlus admits 40,000 customers were affected by credit card breach
  • Carly Page
  • Carly Page
  • @CarlyPage_
  • 19 January 2018
  • Tweet  
  • Facebook  
  • Google plus  
  •  
  •  
  • Send to  
0 Comments

CHINESE PHONE MAKER OnePlus has said that 40,000 customers were affected by the breach that forced it to stop accepting credit card payments on its website.

OnePlus on Friday emailed an update to its customers, saying that 40,000, or a "small subset" of its total customer base", were potentially affected. It remains unclear, however, how many saw their payment information used for fraudulent purchases.

The findings of its ongoing investigation, which it's carrying out with a third-party security firm, reveal that malicious script was injected into the OnePlus.net payment page code, and allowed the as-yet-unknown attackers to see customer's credit card numbers, expiration dates, and security codes.

While customer reports of fraudulent purchases have only started to show up in the past week, OnePlus says that the script has been running since November - just ahead of the launch of the OnePlus 5T.

This means that those who made a purchase on the OnePlus website between November 2017 and 11 January 2018 may be at risk. However, the firm notes that those who paid via PayPal, or who paid with previously saved credit card details, should not be impacted.

 

"We cannot apologize enough for letting something like this happen. We are eternally grateful to have such a vigilant and informed community, and it pains us to let you down," OnePlus said.

"We are in contact with potentially affected customers. We are working with our providers and local authorities to better address the incident. We are working with our current payment providers to implement a more secure credit card payment method, as well as conducting an in-depth security audit. All these measures will help us prevent such incidents from happening in the future."

The firm notes that it's offering affected customers and offering a year of credit monitoring service for free, and advises that those who believe they're at risk check bank statements for any suspect charges.

Credit card payments will remain suspended on the OnePlus.net store until the investigation is complete, with customers able to purchase items through PayPal in the meantime. µ

  • Tweet  
  • Facebook  
  • Google plus  
  •  
  •  
  • Send to  
  • Topics
  • Security
  • oneplus
  • fraud
  • Security

INQ Latest

Google Updates: Bye-bye Fit for web, no more forced arbitration and I/O ballot open
Google Updates: Bye-bye Fit for web, no more forced arbitration and I/O ballot open

It's the week in Google

  • Software
  • 22 February 2019
O2 has plans for 5G in four UK cities this year
O2 has plans for 5G in four UK cities this year

You can probably guess which

  • Cellular
  • 22 February 2019
Nvidia's GTX 1660 Ti brings Turing power to gamers on a budget
Nvidia's GTX 1660 Ti brings Turing power to gamers on a budget

GPU is available in Blighty now for £260

  • Graphics
  • 22 February 2019
Microsoft might bring Xbox Games Pass to the Nintendo Switch
Microsoft might bring Xbox Games Pass to the Nintendo Switch

Move could bring Halo and Gears of War to the hybrid console

  • Numb Thumbs
  • 22 February 2019
Back to Top

Most read

Galaxy S10 price, release date and specs: S10, S10+ and S10e pre-orders begin
Galaxy S10 price, release date and specs: S10, S10+ and S10e pre-orders begin
iPhone 11 release date, specs and price: 2019 iPhones might offer reverse wireless charging
iPhone 11 release date, specs and price: 2019 iPhones might offer reverse wireless charging
CERN has made the original 1990s web browser available to play with
CERN has made the original 1990s web browser available to play with
Apple's folding iPhone patent shows a, er, Motorola Razr lookalike
Apple's folding iPhone patent shows a, er, Motorola Razr lookalike
Facebook will let Android users turn off its location data gobbling
Facebook will let Android users turn off its location data gobbling
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About Incisive Media
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • LinkedIn
  • Newsletters
  • Facebook
  • Google+
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017