Thousands hit in OnePlus credit card hack

Latest news

    OnePlus phonesImage copyright OnePlus
    Image caption OnePlus said the card-stealing script was active for about two months

    Up to 40,000 people were caught out by hackers who stole credit card details from the site of phone maker OnePlus.

    The company stopped taking card payments via its site earlier this week after learning about the attack.

    An investigation has revealed that attackers stole data by exploiting a loophole in its payment system between mid-November 2017 and 11 January.

    The company apologised and said affected customers would get free help to resolve card problems.

    Card watch

    In a statement posted to its community forum, OnePlus confirmed that it had been attacked adding: “a malicious script was injected into the payment page code to sniff out credit card info while it was being entered”.

    It said the malicious script ran “intermittently” and has now been expunged from the affected server.

    The loophole in its payment system that it exploited had also been eliminated, it added.

    OnePlus said that only customers who entered their credit card details for the first time on its site between the two dates would be affected.

    Anyone who had submitted those card details before mid-November or after 11 January or who used a different payment method, such as Paypal, would not have been caught out.

    All those whose credit card numbers were scooped up by the script have been contacted via email.

    The company learned about the theft of data from its support site when customers started reporting fraudulent charges turning up on statements.

    It urged anyone who might have been among the victims to check statements to see if any bogus bills had been charged to their cards.

    A spokeswoman for OnePlus said it would offer credit monitoring to everyone who had been affected and would also set up a hotline that people could call to get help resolving payment and card issues.

    View the original article: http://www.bbc.co.uk/news/technology-42745212

    “We cannot apologise enough for letting something like this happen,” wrote OnePlus in its update.

    In the same category are

    Tour de France: Geraint Thomas keeps yellow jersey as Magnus Cort wins stage 15 Cort celebrates his first Tour de France stage winMagnus Cort dominated a three-man sprint finish to win stage 15 of the Tour de France as Team Sky's...
    Eight-year-olds caught speeding, DVLA data shows Image copyright Getty Images Children as young as eight have been caught speeding by police in Britain in the last two years, Driver and Vehicle Lic...
    Girls Aloud’s Nicola Roberts gets CPS apology over stalker case Image copyright Getty Images Image caption Nicola Roberts (second from right) had been in a relationship with Davies while in Girls Aloud The Crow...
    German Grand Prix: Lewis Hamilton wins after Sebastian Vettel crashes out Vettel's stricken Ferrari is cleared from the gravel trapLewis Hamilton took a sensational victory in a thrilling, rain-hit German Grand Prix as riva...
    Maurizio Sarri: Chelsea boss wanted ‘whole Napoli team’ says Aurelio de Laurentiis Sarri spent three years at Napoli with president Aurelio de LaurentiisNew Chelsea boss Maurizio Sarri wanted to "dismantle" Napoli's team by taking p...
    London Anniversary Games: Kare Adenegan & Sophie Hahn set world records Kare Adenegan celebrates beating Hannah Cockroft and setting a T34 100m world recordGreat British wheelchair racer Kare Adenegan set a huge new world...

    Leave a comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.