Few People who had shopped on Oneplus Online Store reported last week that they were seeing fraudulent transactions on their debit cards. Oneplus was investigating this serious case, while currently the company accepted the claim of credit card data breach from their payment gateway.
A oneplus staff member wrote on oneplus’s online forum on Friday,”One of our systems was attacked, and a malicious script was injected into the payment page code to sniff out credit card info while it was being entered,The malicious script operated intermittently, capturing and sending data directly from the user’s browser. It has since been eliminated.”
According to the company, people who had shopped from the oneplus store using credit card between mid November 2017 and January 11,2018 would be affected by this. But if users have paid using saved debit cards, or via PayPal directly then they should not be affected according to the company.
The post also stated,”We cannot apologize enough for letting something like this happen. We are eternally grateful to have such a vigilant and informed community, and it pains us to let you down,”. Oneplus is contacting affected users directly and it is “working with our providers and local authorities to better address the incident”.
As per these investigation report, it seems that around 40,000 user’s credit card details have been stolen with the malicious code injected onto the website. If you’ve shopped from oneplus’s shopping store between mid November to January 11, 2018 then you should get a fresh credit card from your bank even if you haven’t faced any unauthorized transactions from your card to be on the safe side.