OnePlus Admits Credit Card Information Of 40,000 Customers May Have Been Stolen
OnePlus has just launched the new Lava Red colour variant of the OnePlus 5T in India, a few weeks after it was unveiled in China. While OnePlus 5T suitors might be rejoicing about another possible option to buy, there are a few customers who might be left with a sour taste in their mouths after shopping on the OnePlus store.
A few days ago, OnePlus shut down all credit card payments options on its official website after a few reports claimed that a lot of customers were facing issues after making payments on the OnePlus store. Affected customers reported cases of fraudulent transactions made without their knowledge, with one person saying someone ordered US $200 worth of Papa John’s pizza.
After an investigation, OnePlus posted a statement which will not ring a tone of good news in the ears of the Chinese company or the aggrieved customers. In its forums, the company posted the following:
We are deeply sorry to announce that we have indeed been attacked, and up to 40k users at oneplus.net may be affected by the incident. We have sent out an email to all possibly affected users.
The company confirmed that the severity of the problem is far larger than initially thought. It continues to state that this could have affected anyone who input credit card information on OnePlus’ website from as far back as mid-November 2017. During the investigation, it was discovered that one of OnePlus’ systems had been attacked by a malicious script that intermittently captured data from a user’s browser window.
While the infected server has since been isolated, it is unclear as to how much damage the infected server inflicted while its two-month-long active period. OnePlus says that credit card numbers, expiry dates, and security codes may have all been compromised. However, as a silver lining in the dark clouds, credit cards already saved on the site are apparently unaffected, according to OnePlus.
While the company took the opportunity and apologised to its customers, it is hard to imagine that the company’s reputation will remain unscathed after such a severe incidence. Whether the inability to make payments on its official website will have a huge impact on the sales, especially a few days after the company announced its record sales numbers of 2017, is yet to be seen. However, above the sales figures and record numbers lies the trust of a consumer, and that might be dented after such a huge security failure.