The current year’s first terrible news for OnePlus clients—countless clients are complaining fraudulent credit card transactions after purchasing items from the Chinese cellphone maker’s legitimate online store.
The claim at first surfaced on the OnePlus help discussion throughout the end of the week from a client who said that two of his credit cards utilized on the organization’s authentic site was associated with fraudulent activities.
Later a good number of users posted similar complaints on OnePlus, Twitter and Reddit forums, saying they also became a victim of credit card fraud.
A significant number of the clients guaranteed that their Mastercards had been compromised after they purchased another telephone or a few extras straightforwardly from the OnePlus authority site, demonstrating that the flaw may have experienced the organization itself.
As indicated by Fidus, OnePlus is presently leading the exchanges itself on location, which implies that all charging data alongside all Visa points of interest entered by its client’s course through the OnePlus authority site and can be captured by hackers.
OnePlus has immediately reacted to the issue on its discussion, affirming that it doesn’t store any Mastercard data on its site and all instalment exchanges are helped out through its PCI-DSS-consistent instalment preparing accomplice.
Only credit card-related information of users who have enabled the “save this card for future transactions” feature is stored on OnePlus’ official servers, but even they are secured with a token mechanism.
There are almost 100 claims of fraudulent credit card transactions on the OnePlus support forums. OnePlus announces a formal investigation into the matter, and advises affected users to contact their bank to reverse the payment.
As always it is recommended that you avoid enabling “Save credit card information” so that no information leak could cause loss to your bank account.