SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
22 Jan 2018

OnePlus says up to 40,000 customers were affected by credit card security breach

OnePlus has announced that up to 40,000 customers were affected by the security breach that caused the company shut down credit card payments for its online store earlier this week.

The information is the result of an ongoing investigation with a third-party security agency into the breach that caused customers’ credit card information to be stolen while they were purchasing OnePlus products.

Though reports of stolen credit card information and fraudulent purchases were only made in the past week, OnePlus says that the script that stole the data had been running on one of its payment processing servers since mid-November. The script was able to capture full credit card information, including card numbers, expiry dates, and security codes directly from a customer’s browser window. The company says it has determined where the exploit happened and has found the point of entry for the attacker, but the investigation remains ongoing. It’s not yet clear if the attack was done remotely, or if someone had physical access to the server to install the script.

In a forum post detailing the findings, OnePlus says the script operated “intermittently” and the infected server has been quarantined from the rest of the system. It also says that customers that paid via a saved credit card, a credit card processed via PayPal, or through a PayPal account should not have been affected by the breach.

A OnePlus spokesperson says that the 40,000 customers exposed to the attack “represent a small subset” of its total customer base. The company is reaching out to affected customers and offering a year of credit monitoring service for free. It is also working with local authorities during the investigation.

Credit card payments will remain suspended on the OnePlus.net store until the investigation is complete, with customers able to purchase items through PayPal in the meantime. OnePlus says it is working to implement a more secure credit card payment method before it re-enables them.

Last week, OnePlus CEO Pete Lau told that it is exploring partnerships with US carriers, but a spokesperson confirmed that this security breach will not change anything in terms of OnePlus’ online sales strategy. The company currently does not have plans to move its store to Amazon or another e-commerce platform.


Download SafeUM — communicate privately, without advertising and spam.

Tags:
information leaks OnePlus
Source:
The Verge
1515
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015