A OnePlus credit card breach was recently announced, with news that up to 40000 customers were affected. While reports only recently surfaced, the hackers had been obtaining data since mid-November.
OnePlus Credit Card Breach
It’s been a rough year in terms of information theft. While the biggest financial fiasco of 2017 was perhaps the Equifax breach that affected millions of Americans, there continue to be problems with security regarding sensitive information from a number of companies – despite efforts to ensure data is kept secure.
The most recent problem was a OnePlus credit card breach, which has since caused the company to shut down credit card payments for the online store. This new information regarding the breach is the result of an investigation with a third-party agency to determine why customers were having their credit card details stolen while purchasing OnePlus products.
Reports of the OnePlus credit card breach have only been coming out for the past week or so, but OnePlus has recently come out and stated that the script that stole the data had actually been running on one of their servers since November, giving it ample time to collect the information of thousands of customers and opening them up to financial damage. The Verge reports that the OnePlus credit card breach was able to capture full credit card information, which includes card numbers, expiration dates, and security codes just from entry into the browser window.
The company is aware of how the OnePlus credit card breach was carried out, but the investigation is still ongoing to see whether the attack was from a remote hacker or someone with privileged access to the company’s servers that was able to install the script without anyone noticing.
Who Was Affected?
Fortunately, OnePlus reports that the credit card breach only affected those entering their details into the browser window, and that those with saved credit card information or who bought through PayPal should not have been affected by the breach. Still, standard credit card payments with standard entry make up a large portion of an online company’s sales, so this OnePlus credit card breach that leaked thousands and thousands of credit cards is no doubt extremely severe – despite a company spokesperson stating that the customers exposed to the attack only “represent a small subset” of its total customers. In a gesture of goodwill, the company is reaching out to those who were affected and offering a free year of credit monitoring, and plans to cooperate with local authorities during the ongoing investigation.
Until the investigation is completed, credit card payments on the OnePlus online store will be suspended, with customers urged to complete payments via PayPal in the meantime. The Verge reports that the company is currently working to launch a more secure credit card payment processing system before it re-enables standard payments, with hopes that this OnePlus credit card breach never happens again.
If you’ve recently purchased a phone online through OnePlus using a credit card, it’s advised that you keep an eye on your card and credit in order to avoid any surprises. The company seems to want to make things right, but those affected will probably still be dealing with quite the headache.