OnePlus today said up to 40,000 customers’ credit card data may have been lifted in an attack. Earlier this week, OnePlus customers reported fraudulent activity on their credit cards after making purchases from OnePlus’ web site. OnePlus says its investigation shows the company was indeed compromised. “One of our systems was attacked, and a malicious script was injected into the payment page code to sniff out credit card info while it was being entered,” explained the company. “The malicious script operated intermittently, capturing and sending data directly from the user’s browser. It has since been eliminated. We have quarantined the infected server and reinforced all relevant system structures.” OnePlus believes people who used its web site between mid-November 2017 and January 11, 2018, may be impacted by the breach. At risk are credit card numbers along with their expiration dates and security codes. OnePlus says customers who used PayPal aren’t affected. The company has emailed everyone it believes may be at risk. In the mean time, OnePlus suggests those who made purchases on OnePlus.net during the above time frame should examine their bank statements for any fraudulent charges. “We cannot apologize enough for letting something like this happen,” said OnePlus. “We are working with our providers and local authorities to better address the incident. We are also working with our current payment providers to implement a more secure credit card payment method, as well as conducting an in-depth security audit. All these measures will help us prevent such incidents from happening in the future.” The company thanked its customers for their understanding and its community for its continued support.
Tags latest android mobile news latest cell phone news latest news on android phones latest smartphone news latest tech news smartphones new mobile phone news news smartphone smartphone tech news smartphone update news top mobile news
Latest technology news update for Tuesday October 31st 2017.