Adding one more page to the OnePlus credit card fraud incident, it is now confirmed that data was compromised. OnePlus today came clean on the issue after an investigation probe and issued a statement on its forums regarding the breach. The Chinese phone maker said that it’s customers credit card data has indeed been compromised.
This statement comes after the company disabled credit card payments on Oneplus.net yesterday after the issue came to light. According to some sources, the number of affected users might be around 40,000. Even though that is a huge number, what’s good is that not all stand to lose money.
In the statement, the company also urged users to check their bank statements and reach out to OnePlus if they see unauthorized use. As to how this grave incident happens, the company said that it was due to an injected script. This script whisked away entered credit card data of customers and handed it to the offenders. For now, the script has been eliminated but it was active between mid-November of 2017 and January 11, 2018.
There are some users who are still safe from this breach.
- Those that paid via a saved credit card
- Those users that paid through “Credit Card via PayPal” method
- and lastly, payments through PayPal are safe
In such cases, it is highly recommended that current buyers change their credit cards for new ones. OnePlus has also assured users that it’s working with payment processor and providers to see that this doesn’t happen again.