OnePlus investigation reveals as many as 40,000 customers affected by credit card hack

A malicious script has been in operation since November

Earlier this week, we began to see reports of a credit card fault on the OnePlus website. Multiple users had taken to both Reddit and the company's own forums to report fraudulent payments on their cards after they were used to buy goods from the site.

OnePlus launched an investigation on Wednesday, at the same time blocking credit card payments from operating, and has now revealed that a malicious script has been operating on the site since November.

In a letter sent to all potential victims, OnePlus says it found the results of a hack on its site, with malicious code injected into a system to sniff out credit card details. Up to 40,000 users have been affected.

Details were 'only' able to be stolen from customers who entered their information between mid November and the 11th January; paying via PayPal or with a saved card was, apparently, safe.

The full statement is below:

We are deeply sorry to announce that we have indeed been attacked, and up to 40k users at oneplus.net may be affected by the incident. We have sent out an email to all possibly affected users.

What happened

One of our systems was attacked, and a malicious script was injected into the payment page code to sniff out credit card info while it was being entered.

• The malicious script operated intermittently, capturing and sending data directly from the user's browser. It has since been eliminated.
• We have quarantined the infected server and reinforced all relevant system structures.

Who's affected

• Some users who entered their credit card info on oneplus.net between mid-November 2017 and January 11, 2018, may be affected.
  • Credit card info (card numbers, expiry dates and security codes) entered at oneplus.net during this period may be compromised.
  • Users who paid via a saved credit card should NOT be affected.
  • Users who paid via the "Credit Card via PayPal" method should NOT be affected.
  • Users who paid via PayPal should NOT be affected.
• We have contacted potentially affected users via email.

What you can do

• We recommend that you check your bank statements and report any charges you don't recognise to your bank. They will help you initiate a chargeback and prevent any financial loss. · For enquiries, please get in touch with our support team at [email protected].
• If you notice any potential system vulnerabilities, please report them to [email protected]. This is a monitored inbox, but we may not be able to respond to all reports.

What we are doing

We cannot apologise enough for letting something like this happen. We are eternally grateful to have such a vigilant and informed community, and it pains us to let you down.

We are in contact with potentially affected customers. We are working with our providers and local authorities to better address the incident. We are working with our current payment providers to implement a more secure credit card payment method, as well as conducting an in-depth security audit. All these measures will help us prevent such incidents from happening in the future