It’s the news customers really didn’t want to hear.
Just days ago we reported that OnePlus, and their customers, may have been victims of a hack. Some customers noticed that fraudulent charges were appearing on their credit cards after purchasing devices through OnePlus’ website. The company immediately stopped processing charges and began to investigate. Today the reported their findings.
OnePlus was indeed hacked. According to a post within the company’s online forums, the hack was explained. A malicious script was injected into the code of their payment page, which would collect payment information from the user’s browser. Up to 40,000 customers may have been affected by this attack. User’s who entered credit card information on the site between November 2017 and January 11, 2018 could potentially be affected. Users who made purchases utilizing the saved credit card option and PayPal should be safe from the hack. Emails have been sent out to potentially affected customers.
While this attack is something no one would have wanted to see occur, OnePlus does seem to be reacting quickly and honestly. Still, this is not the best news for a company who in the last year has been caught tricking benchmark tests, collecting entirely too much information on their users, or installing a backdoor in devices.