Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News

Oneplus Confirms Hacking and Credit Card Data Theft, 40,000 Users Affected

Varun Kesari
Varun Kesari
Blogger | Youtuber | Music lover | Tech enthusiastic | Proud To be INDIAN

Join the Opinion Leaders Network

Join the Techgenyz Opinion Leaders Network today and become part of a vibrant community of change-makers. Together, we can create a brighter future by shaping opinions, driving conversations, and transforming ideas into reality.

OnePlus has been hacked. This was confirmed by the company after announcing a few days ago that it was investigating the possible theft of bank data of its users who had purchased on its website. On January 16, they removed the possibility of paying by card, and today they confirmed all the details of the hack.

40,000 affected users

The company, which claims to be sorry for the event, has confirmed that some 40,000 users have been affected by the theft of data when buying on the oneplus.net website. All potentially affected users will receive an email from the company today informing them of their possible dangers.

One of the OnePlus systems was attacked, and a malicious script was implemented to obtain the data that was inserted on the payment page of the web. We remember that the data was not conveniently treated on the web, so that between entering the box and sending it to the web that managed the payment was stored in an insecure way on its website, not complying with the standards of secure payment.

The malicious script captured the data that the user entered (as a keylogger) and sent them to a remote server. The company has confirmed that this script has already been removed from the web and have isolated the affected server while reinforcing the entire security infrastructure.

Affected users are those who entered the credit card data between November 2017 and January 11, 2018. Among the stolen data are the credit card number, expiration date and security codes that were entered on the web.

If you paid with PayPal, you are safe

If the user had entered the bank details before mid-November and made a purchase between the period described above, the data was not stolen because it was already in the hands of the third-party payment manager. Users who paid with PayPal or with a credit card through PayPal are also not affected.

In case you have doubts, it is best to cancel your card and verify the charges you have received that you do not recognize. You must tell the bank to cancel them or even resort to credit card insurance as soon as you receive them. In case you have any questions, you can contact the OnePlus technical service. If you find more security problems, the company asks that you send them to security@oneplus.net.

For now, the company continues to apologize for this incident and is in contact with affected customers. They are also working with the authorities to address the incident and are talking to their payment provider to implement a more secure payment system, along with a comprehensive security audit to prevent this problem in the future. The company has not said that it will compensate the affected users (some gifts like a cover, for example), which would not be bad to recover their confidence in them.

Join 10,000+ Fellow Readers

Get Techgenyz’s roundup delivered to your inbox curated with the most important for you that keeps you updated about the future tech, mobile, space, gaming, business and more.


Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

Power Your Business

Solutions you need to super charge your business and drive growth

More from this topic