OnePlus Disables Credit Card Processing After Customers Report Fraudulent Activity

Yesterday, we reported that OnePlus had a potentially serious security breach on its hands after dozens of customers reported fraudulent activity on their credit cards following phone purchases from the company's website. Security firm Fidus researched the issue and found that a small vulnerability in the credit card payment processing platform on OnePlus' website could be ripe for attack.

"Card payments are handled by CyberSource, the processing form is still hosted on the OnePlus infrastructure," said Fidus. "If an attacker had write access to this page, JavaScript could have been inserted to compromise data entered into CyberSource’s payment form on the client-side."
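The exposure Fidus describes can be watched for from the defender's side. The following is an added example, not code from Fidus or OnePlus: it audits the script tags of a merchant-hosted payment page against a reviewed policy, and the origins, the policy and the sample page are all constructed assumptions.

```javascript
const { createHash } = require('crypto');

// Constructed policy for a hypothetical checkout page (assumption, not OnePlus data):
// origins allowed to serve scripts, and digests of inline scripts that were reviewed.
const ALLOWED_ORIGINS = new Set(['https://shop.example', 'https://processor.example']);
const REVIEWED_INLINE = new Set([sha256('initPaymentForm();')]);

// Constructed sample of a merchant-hosted page that embeds a processor's form.
const SAMPLE_PAGE = `
<form id="card-form" action="https://processor.example/pay" method="post"></form>
<script src="/js/checkout.js"></script>
<script src="https://processor.example/sdk.js"></script>
<script>initPaymentForm();</script>
<script>lateAddition();</script>
<script src="https://cdn.unknown.example/a.js"></script>`;

// Base64 SHA-256, the same digest form a CSP 'sha256-...' source uses.
function sha256(text) {
  return createHash('sha256').update(text, 'utf8').digest('base64');
}

// Return one finding per <script> element that the policy does not cover.
function auditScripts(html, pageUrl) {
  const findings = [];
  const pageOrigin = new URL(pageUrl).origin;
  const re = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  for (const [, attrs, body] of html.matchAll(re)) {
    const src = /\bsrc\s*=\s*["']?([^"'\s>]+)/i.exec(attrs);
    if (src) {
      const origin = new URL(src[1], pageUrl).origin;
      if (!ALLOWED_ORIGINS.has(origin)) {
        findings.push({ type: 'unexpected-origin', detail: origin });
      } else if (origin !== pageOrigin && !/\bintegrity\s*=/i.test(attrs)) {
        // Assumed policy: cross-origin scripts must be pinned with Subresource Integrity.
        findings.push({ type: 'missing-sri', detail: src[1] });
      }
    } else if (!REVIEWED_INLINE.has(sha256(body))) {
      // Inline code that was never reviewed is what a page-level write would add.
      findings.push({ type: 'unreviewed-inline', detail: sha256(body) });
    }
  }
  return findings;
}

console.log(auditScripts(SAMPLE_PAGE, 'https://shop.example/checkout'));
```

Run on a schedule against the live payment page, a non-empty result means the page no longer matches what was reviewed.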


While OnePlus at first remained quiet regarding the matter, it has since opened up with a FAQ posted on its discussion forum. The company initially provided the following statement on Monday morning:

"At OnePlus, we take information privacy extremely seriously. Over the weekend, members of the OnePlus community reported cases of unknown credit card transactions occurring on their credit cards post purchase from oneplus.net. We immediately began to investigate as a matter of urgency, and will keep you updated."

After doing further digging into the reports of credit cards being compromised, the following update was posted:

"As a precaution, we are temporarily disabling credit card payments at oneplus.net. PayPal is still available, and we are exploring alternative secure payment options with our service providers."

According to an informal poll posted in the original thread that shed light on the fraudulent activity, over 200 customers have seen unauthorized charges appear on their credit cards after using them on OnePlus' website.

"Same here, [purchased] phone beginning of December 2017 I was informed yesterday by my Credit Card issuer that they had detected what looked like fraudulent transactions," wrote vobemarsh. "Over £1000 of fraudulent transactions added to my account over the weekend. Card now cancelled waiting for replacement."

OnePlus vows to keep customers in the loop and provide updates on its findings after it completes a thorough audit of its payment processing service.
