OnePlus confirmed last month that it had suffered a major data breach potentially compromising the payment card details of up to 40,000 customers. In an email sent to customers on Jan. 19, the Chinese phone maker said its website, OnePlus.net, was hacked and that a malicious script designed to harvest sensitive data from visitors’ browsers had been injected into the company’s payment page. OnePlus said in a statement:
“The malicious script operated intermittently, capturing and sending data directly from the user’s browser. It has since been eliminated. We have quarantined the infected server and reinforced all relevant system structures.”
Customers who entered their credit card details on OnePlus’ website between mid-November 2017 and Jan. 11, 2018, may have been affected by the breach. Compromised data includes customers’ credit card numbers, expiry dates and security codes. The company said users who paid with a previously saved credit card on file, PayPal or the “Credit card via PayPal” methods “should not be affected” by the intrusion. It added that customers’ card details are never processed or stored on the OnePlus.net site. “It is sent directly to our PCI-DSS-compliant payment processing partner over an encrypted connection, and processed on their secure servers,” it noted. Only potentially affected users have received a notification email regarding the breach and have been offered a year of credit monitoring.
The disclosure comes several days after reports of credit card fraud began popping up earlier this month from users who had purchased OnePlus products from the official OnePlus.net store. The company temporarily shut down credit card payments for its online store last week and launched an investigation into the “serious issue” with the assistance of a third-party security firm. The issue was first reported by forum user @superdutynick. OnePlus has not provided any details of the cause of the breach or when the malicious script was inserted by hackers.
Customers have been advised to check their payment card statements for any potentially suspicious activity. OnePlus is working with its providers and local authorities to better address the incident.
International Business Times