OnePlus confirms security breach with a staggering number of affected users

OnePlus confirms security breach with a staggering number of affected users

OnePlus confirms security breach with a staggering number of affected users

If you've recently purchased a phone online through OnePlus using a credit card, it's advised that you keep an eye on your card and credit in order to avoid any surprises.

OnePlus notes that customers that are affected by the data breach include those that entered their credit card information on its website from mid-November 2017 to January 11, 2018. Further credit card info (card numbers, expiry dates and security codes) entered at oneplus.net during this period may have been compromised.

The company also said the only customers affected by the attack are those who entered their credit card manually. According to OnePlus, it has now eliminated the immediate risk.

"We can not apologize enough for letting something like this happen", the spokesperson writes.

Chris Morales, head of security analytics at Vectra, said he is impressed with the expediency and thoroughness OnePlus is taking in providing its customers with a breach notification.

Meanwhile, OnePlus recommends that if users suspect that their credit card info has been compromised, then they should check their card statement and contact their bank to resolve any suspicious charges. OnePlus confirmed that it used custom code and the highest security to assure customers their data was secure; however, shortly after the company suspended all credit card transactions on its website, rightly so, while it investigated the claims. "We are eternally grateful to have such a vigilant and informed community, and it pains us to let you down", OnePlus said. A spokesperson for OnePlus told The Verge's Dan Seifert that the approximate 40,000 customers affected by the breach represent "a small subset" of its total customer base. The script intermittently captured data before sending it from users' browser back to the hackers responsible for the attack. This includes those with their credit card information saved on the website, those that use the credit card through Paypal Holdings Inc (NASDAQ:PYPL) option and those that just simply use PayPal. We are working with our providers and local authorities to better address the incident. "All these measures will help us prevent such incidents from happening in the future".

OnePlus is in the process of reaching out to those who were affected by the breach. The company will also be providing credit card monitoring services to impacted customers.

Related news