oneplus.jpg  - oneplus - OnePlus confirms hack exposed credit cards of phone buyers

(Image: CNET/CBS Interactive)

OnePlus has confirmed that its systems have been breached, following reports of card fraud from customers who bought a from the company.

The phone maker sent an email to customers Friday, saying customers’ credit card numbers, expiry dates, and security codes “may have been compromised.”

The email, posted by Peter Smallbone on Twitter, said: “As soon as we were made aware of the attack, we launched an urgent investigation. We suspended credit card payments and have been working with a cybersecurity firm to reinforce our systems.”

Several customers also posted the same email on the company’s forums on Friday.

The company is “looking” to provide credit card monitoring for customers affected.

A malicious script was inserted on the company’s pages, capturing and sending data directly from the user’s browser. The script, now removed, is said to have “operated intermittently.”

The company said customers who entered their credit card details on the company’s site between mid-November and January 11 may be affected. The company said that may include “up to 40,000” customers.

Anyone who paid with PayPal aren’t affected, neither are those who paid with a previously saved credit card on file.

A spokesperson did not comment beyond the company’s statement.

Reports of credit card fraud started popping up over the weekend. On Thursday, the company said it was looking into a “serious issue” and “as a precaution, we are temporarily disabling credit card payments” on its site.

Contact me securely

Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755–8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Read More

Source link


Please enter your comment!
Please enter your name here