Thousands hit in OnePlus credit card hack

Latest news

    OnePlus phonesImage copyright OnePlus
    Image caption OnePlus said the card-stealing script was active for about two months

    Up to 40,000 people were caught out by hackers who stole credit card details from the site of phone maker OnePlus.

    The company stopped taking card payments via its site earlier this week after learning about the attack.

    An investigation has revealed that attackers stole data by exploiting a loophole in its payment system between mid-November 2017 and 11 January.

    The company apologised and said affected customers would get free help to resolve card problems.

    Card watch

    In a statement posted to its community forum, OnePlus confirmed that it had been attacked adding: “a malicious script was injected into the payment page code to sniff out credit card info while it was being entered”.

    It said the malicious script ran “intermittently” and has now been expunged from the affected server.

    The loophole in its payment system that it exploited had also been eliminated, it added.

    OnePlus said that only customers who entered their credit card details for the first time on its site between the two dates would be affected.

    Anyone who had submitted those card details before mid-November or after 11 January or who used a different payment method, such as Paypal, would not have been caught out.

    All those whose credit card numbers were scooped up by the script have been contacted via email.

    The company learned about the theft of data from its support site when customers started reporting fraudulent charges turning up on statements.

    It urged anyone who might have been among the victims to check statements to see if any bogus bills had been charged to their cards.

    A spokeswoman for OnePlus said it would offer credit monitoring to everyone who had been affected and would also set up a hotline that people could call to get help resolving payment and card issues.

    View the original article: http://www.bbc.co.uk/news/technology-42745212

    “We cannot apologise enough for letting something like this happen,” wrote OnePlus in its update.

    In the same category are

    Laver Cup: Roger Federer and Alexander Zverev win as Team Europe retain title Alexander Zverev is currently ranked fifth in the worldGermany's Alexander Zverev beat South African Kevin Anderson 6-7 (3-7) 7-5 10-7 as Team Europe...
    Thomas Cook blames heatwave for profit warning Image copyright Getty Images Holiday firm Thomas Cook has blamed the summer heatwave for a drop in its full-year profit forecast. "Many customers" h...
    Women seeking sperm donor online harassed Image caption Sarah said she felt she could not trust people on the sites Women using unregulated websites to find a sperm donor have been harasse...
    News Daily: Labour Brexit vote and US judge accused again If you want to get this briefing by email, sign-up here'All options open' Image copyright EPA Brexit is essentially the only big issue where Jeremy C...
    Ricardo Quaresma, Lionel Messi, Benjamin Pavard & Denis Cheryshev up for Fifa Puskas award Watch the four World Cup goals from Ricardo Quaresma, Lionel Messi, Benjamin Pavard and Denis Cheryshev which are nominated for the Puskas award at th...
    US-China trade: US imposes biggest round of tariffs yet Image copyright Getty Images Image caption The latest raft of trade tariffs mark an escalation in the trade war between the US and China A new rou...

    Leave a comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.