OnePlus Site’s Payment System Hacked: Credit Card Detail Compromised

The current year’s first terrible news for OnePlus clients—countless clients are complaining fraudulent credit card transactions after purchasing items from the Chinese cellphone maker’s legitimate online store.

The claim at first surfaced on the OnePlus help discussion throughout the end of the week from a client who said that two of his credit cards utilized on the organization’s authentic site was associated with fraudulent activities.

Later a good number of users posted similar complaints on OnePlus, Twitter and Reddit forums, saying they also became a victim of credit card fraud.

A significant number of the clients guaranteed that their Mastercards had been compromised after they purchased another telephone or a few extras straightforwardly from the OnePlus authority site, demonstrating that the flaw may have experienced the organization itself.

As indicated by Fidus, OnePlus is presently leading the exchanges itself on location, which implies that all charging data alongside all Visa points of interest entered by its client’s course through the OnePlus authority site and can be captured by hackers.

OnePlus has immediately reacted to the issue on its discussion, affirming that it doesn’t store any Mastercard data on its site and all instalment exchanges are helped out through its PCI-DSS-consistent instalment preparing accomplice.

Only credit card-related information of users who have enabled the “save this card for future transactions” feature is stored on OnePlus’ official servers, but even they are secured with a token mechanism.

There are almost 100 claims of fraudulent credit card transactions on the OnePlus support forums. OnePlus announces a formal investigation into the matter, and advises affected users to contact their bank to reverse the payment.

As always it is recommended that you avoid enabling “Save credit card information” so that no information leak could cause loss to your bank account.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...