Check your credit card statement closely if you’ve made a purchase from OnePlus within the last two months. It appears there has been some type of security breach in which payment information was stolen from customers who were just trying to buy a new phone or some accessories. OnePlus has confirmed that a rising number of its customers have experienced credit card fraud in the time since shopping online with them, and right now there’s an ongoing investigation to understand how exactly this happened.
Here’s the statement from OnePlus:
“At OnePlus, we take information privacy extremely seriously. Over the weekend, members of the OnePlus community reported cases of unknown credit card transactions occurring on their credit cards post purchase from oneplus.net. We immediately began to investigate as a matter of urgency, and will keep you updated.
Affected customers actually include myself. Early last week I bought the OnePlus 5T in Sandstone White to see if I liked the phone more than the Google Pixel 2 XL (which I don’t). A few days after making my purchase, I was alerted that someone tried making an unauthorized purchase at Walmart worth $790.
To whoever just tried making a $790 purchase at Walmart with my credit card, nice try.
— Justin Herrick (@JustHerrick) January 11, 2018
I’ve had my credit card number compromised multiple times before, so this didn’t exactly cause any panic. The company who issues my credit card, fortunately, stopped the transaction from going through. Immediately I used online chat to figure out what happened, and the card provider canceled the card before shipping a new one.
This week I’m seeing headlines relating to OnePlus customers and credit card fraud; therefore, now I have a strong suspicion of how my credit card was stolen. Like many others, making a purchase on OnePlus’ online store apparently put my payment information in jeopardy.
Apparently, the issue stems from this window between the time when payment information is submitted and received, at least according to information security analyst Fidus. Attackers are believed to have been able to pick up details while your name, credit card number, and other information sits in the form as it’s hosted on-site rather than elsewhere. OnePlus’ site is HTTPS encrypted, but that just isn’t enough to stop digital thieves from taking what they want.
If you’ve completed your purchases using PayPal, there’s nothing to worry about. This situation only involves those who used credit/debit cards since the payment information was typed out, watched by attackers, and then finally sent to OnePlus.
OnePlus says it’ll update everyone as the investigation progresses.
Win an iPhone, iPad and Apple Watch with the Reader's Choice giveaway!
What's the best phone of 2019? Is it the iPhone 11 Pro, Pixel 4 or OnePlus 7T? What about the best laptop, games console, tablet and more? Vote NOW in the Reader's Choice awards and win BIG in time for the holidays!
Here are the best products from IFA 2019!
Here are the products announced at IFA 2019 that were worthy of our Best of IFA 2019 awards. Also featuring MrMobile's single best product at the show!
Pixel 4 hands-on videos reveal all, including new 'Screen attention' mode
The Pixel 4 leaks continue to be fierce. Most recently, three hands-on videos showcasing the Pixel 4 in all of its glory have been uploaded to YouTube.
We've got you covered with the best area rugs around
Having a nice rug can set your room up perfectly, but a bad one can throw the whole ambiance off. We've hunted down the best rugs around, just for you.
