Security & Fraud

OnePlus Users' Credit Card Info Hacked

Hackers may have infiltrated the consumer website of OnePlus, the Chinese smartphone maker, stealing customers' credit card information.

According to a report in TheNextWeb, the cybersecurity company Fidus has found a way for hackers to steal sensitive credit card information from the company’s website. The report noted that hundreds of impacted users have complained on Reddit and OnePlus official forums about suspicious activity on their credit cards. Customers contend the first fraud attempts happened within a year of purchasing a phone from OnePlus website.

Fidus noted that it can’t confirm that OnePlus was hacked, only that it spotted a vulnerability that could have led to would-be attacks. “We stepped through the payment process on the OnePlus website to have a look what was going on. Interestingly enough, the payment page, which requests the customer’s card details, is hosted ON-SITE,” a post from Fidus said, according to TheNextWeb. “This means all payment details entered, albeit briefly, flow through the OnePlus website and can be intercepted by an attacker.”

OnePlus hasn’t said anything on the record yet, but the report noted that a moderator of a OnePlus forum who purports to have an information technology background tried to cast doubt on the research, saying the evidence doesn’t support Fidus’ claims.

The potential hack of the Chinese smartphone maker comes at a time when rival company Huawei lost a deal to sell its smartphones via AT&T over security concerns. According to a Reuters report last week, AT&T was pressured to bow out of the deal after lawmakers sent a letter to the Federal Communications Commission in December raising concerns about Huawei’s plan to roll out consumer products through a U.S. telecom carrier. The letter was signed by 18 lawmakers.

——————————

LIVE PYMNTS TV OCTOBER SERIES: POWERING THE DIGITAL SHIFT – B2B PAYMENTS 2021 

Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.

TRENDING RIGHT NOW