Live Updates: COVID-19 Cases
  • World 20,144,884
    World
    Confirmed: 20,144,884
    Active: 6,418,339
    Recovered: 12,990,473
    Death: 736,072
  • USA 5,218,584
    USA
    Confirmed: 5,218,584
    Active: 2,378,909
    Recovered: 2,673,846
    Death: 165,829
  • Brazil 3,039,349
    Brazil
    Confirmed: 3,039,349
    Active: 819,620
    Recovered: 2,118,460
    Death: 101,269
  • India 2,266,954
    India
    Confirmed: 2,266,954
    Active: 641,333
    Recovered: 1,580,269
    Death: 45,352
  • Russia 892,654
    Russia
    Confirmed: 892,654
    Active: 180,972
    Recovered: 696,681
    Death: 15,001
  • South Africa 559,859
    South Africa
    Confirmed: 559,859
    Active: 137,977
    Recovered: 411,474
    Death: 10,408
  • Mexico 480,278
    Mexico
    Confirmed: 480,278
    Active: 105,515
    Recovered: 322,465
    Death: 52,298
  • Peru 478,024
    Peru
    Confirmed: 478,024
    Active: 132,932
    Recovered: 324,020
    Death: 21,072
  • Chile 375,044
    Chile
    Confirmed: 375,044
    Active: 17,563
    Recovered: 347,342
    Death: 10,139
  • Spain 361,442
    Spain
    Confirmed: 361,442
    Active: 332,939
    Recovered: ?
    Death: 28,503
  • Iran 328,844
    Iran
    Confirmed: 328,844
    Active: 23,586
    Recovered: 286,642
    Death: 18,616
  • UK 311,641
    UK
    Confirmed: 311,641
    Active: 265,115
    Recovered: ?
    Death: 46,526
  • Saudi Arabia 289,947
    Saudi Arabia
    Confirmed: 289,947
    Active: 33,270
    Recovered: 253,478
    Death: 3,199
  • Pakistan 284,660
    Pakistan
    Confirmed: 284,660
    Active: 17,799
    Recovered: 260,764
    Death: 6,097
  • Bangladesh 260,507
    Bangladesh
    Confirmed: 260,507
    Active: 106,632
    Recovered: 150,437
    Death: 3,438
  • Italy 250,825
    Italy
    Confirmed: 250,825
    Active: 13,368
    Recovered: 202,248
    Death: 35,209
  • Turkey 241,997
    Turkey
    Confirmed: 241,997
    Active: 11,169
    Recovered: 224,970
    Death: 5,858
  • Germany 217,563
    Germany
    Confirmed: 217,563
    Active: 10,403
    Recovered: 197,900
    Death: 9,260
  • France 197,921
    France
    Confirmed: 197,921
    Active: 84,761
    Recovered: 82,836
    Death: 30,324
  • Canada 119,723
    Canada
    Confirmed: 119,723
    Active: 4,755
    Recovered: 105,986
    Death: 8,982
  • China 84,668
    China
    Confirmed: 84,668
    Active: 802
    Recovered: 79,232
    Death: 4,634
  • Netherlands 59,194
    Netherlands
    Confirmed: 59,194
    Active: 53,037
    Recovered: ?
    Death: 6,157
  • Australia 21,407
    Australia
    Confirmed: 21,407
    Active: 9,217
    Recovered: 11,876
    Death: 314
  • S. Korea 14,626
    S. Korea
    Confirmed: 14,626
    Active: 663
    Recovered: 13,658
    Death: 305
  • New Zealand 1,569
    New Zealand
    Confirmed: 1,569
    Active: 21
    Recovered: 1,526
    Death: 22

OnePlus confirms hacking and credit card data theft, 40,000 users affected

Author at TechGenyz Insights
OnePlus Hack

OnePlus has been hacked. This was confirmed by the company after announcing a few days ago that it was investigating the possible theft of bank data of its users who had purchased on its website. On January 16 they removed the possibility of paying by card, and today they confirmed all the details of the hack.

40,000 affected users

The company, which claims to be sorry for the event, has confirmed that some 40,000 users have been affected by the theft of data when buying on the oneplus.net website. All potentially affected users will receive an email from the company today informing them of the possible dangers they face.

What happened was that one of the OnePlus systems was attacked, and in it, a malicious script was implemented to obtain the data that was inserted on the payment page of the web. We remember that the data was not conveniently treated on the web, so that between entering the box and sending it to the web that managed the payment was stored in an insecure way on its website, not complying with the standards secure payment.

The malicious script captured the data that the user entered (as a keylogger) and sent them to a remote server. The company has confirmed that this script has already been removed from the web, and have isolated the affected server while reinforcing the entire security infrastructure.

Affected users are those who entered the credit card data between November 2017 and January 11, 2018. Among the stolen data are the credit card number, expiration date and security codes that were entered on the web.

If you paid with PayPal, you are safe

If the user had entered the bank details before mid-November and made a purchase between the period described above, the data was not stolen because it was already in the hands of the third-party payment manager. Users who paid with PayPal or with a credit card through PayPal are also not affected.

In case you have doubts, it is best that you cancel your card and verify the charges that you have received and that you do not recognize. As soon as you receive them, you must tell the bank to cancel them or even resort to credit card insurance. In case you have any questions you can contact the OnePlus technical service. If you find more security problems, the company asks that you send them to security@oneplus.net.

For now, the company continues to apologize to this incident and is in contact with affected customers. They are also working with the authorities to address the incident and are talking to their payment provider to implement a more secure payment system, along with a comprehensive security audit to prevent this problem in the future. What the company has not said that it is going to do is compensate the affected users (some gift like a cover, for example), which would not be bad to recover the confidence in them.

Career

Subscribe