Recently, many users of various OnePlus devices reported on Reddit about credit card fraud, claiming that Oneplus’ payment system might have been compromised. The company started investigations after receiving reports from the users and shut down all credit card payments on its website after reports of account fraud. As of now, OnePlus has confirmed that as many as 40,000 users may have had their credit card information stolen due to a major security breach.
OnePlus in an official statement posted on its forums has confirmed that sensitive banking information including credit card numbers, expiry dates, and security codes of various OnePlus smartphone’s users may have been compromised. According to the statement,
“We cannot apologize enough for letting something like this happen. We are eternally grateful to have such a vigilant and informed the community, and it pains us to let you down.”
A complete security check revealed that one of OnePlus’ systems had been attacked by a malicious script that captured data from a user’s browser window. The infected server has since been quarantined, but it is still unclear how much damage the script did during the roughly two-month time, or how it attacked OnePlus’ security in the first place.
Although, the security breach will certainly impact on the reputation of the company yet OnePlus is applying several remedies to get out of the situation. OnePlus is suggesting that all recent customers check their card statements and report any signs of possible fraudulent activity directly to their bank. The company will revise its payment system and will also conduct further security checks as well.