OnePlus Site’s Payment System Hacked: Credit Card Detail Compromised

The current year’s first terrible news for OnePlus clients—countless clients are complaining fraudulent credit card transactions after purchasing items from the Chinese cellphone maker’s legitimate online store.

The claim at first surfaced on the OnePlus help discussion throughout the end of the week from a client who said that two of his credit cards utilized on the organization’s authentic site was associated with fraudulent activities.

Later a good number of users posted similar complaints on OnePlus, Twitter and Reddit forums, saying they also became a victim of credit card fraud.

A significant number of the clients guaranteed that their Mastercards had been compromised after they purchased another telephone or a few extras straightforwardly from the OnePlus authority site, demonstrating that the flaw may have experienced the organization itself.

As indicated by Fidus, OnePlus is presently leading the exchanges itself on location, which implies that all charging data alongside all Visa points of interest entered by its client’s course through the OnePlus authority site and can be captured by hackers.

OnePlus has immediately reacted to the issue on its discussion, affirming that it doesn’t store any Mastercard data on its site and all instalment exchanges are helped out through its PCI-DSS-consistent instalment preparing accomplice.

Only credit card-related information of users who have enabled the “save this card for future transactions” feature is stored on OnePlus’ official servers, but even they are secured with a token mechanism.

There are almost 100 claims of fraudulent credit card transactions on the OnePlus support forums. OnePlus announces a formal investigation into the matter, and advises affected users to contact their bank to reverse the payment.

As always it is recommended that you avoid enabling “Save credit card information” so that no information leak could cause loss to your bank account.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...

Digital Forensics Investigation using Autopsy In Kali Linux

Autopsy is one of the digital forensics tools use to investigate what happened on a computer. It offers a GUI access to variety of...