Recently, we were saying something really serious: OnePlus had suffered a hack due to poor security management on its website. Hence, the well-known Chinese smartphone manufacturer OnePlus has suspended credit card payments after customers report fraudulent purchases.
OnePlus Hacked! Company Suspends Credit Card Payments
Yesterday we were saying something really serious: OnePlus had suffered a hack due to poor security management on its website. This caused that the banking data of the users who had paid since November on the website were in the hands of the hackers, and hundreds of users were receiving undue charges on their card. Now, the company has taken the first step of prudence.
OnePlus removes the option to pay by card after publishing the problem
As we said in the news, we did not understand how OnePlus, which claimed to be investigating the theft of data from their customers’ cards, continued to allow it to be paid on a website that was found to be unsafe. Finally, the company has eliminated the option to pay with a store card 48 hours after recognizing that they had suffered a security breach and that they were investigating it.
The company has updated the post of its forum where they are reporting the whole matter, saying that they have temporarily disabled the payment with a card as a precaution, being only PayPal available at the moment.
The company is investigating with its providers of alternative payment services to use it temporarily and securely while checking that the payment system is hack-proof ( cryptocurrencies like Ripple?).
The payments that have been affected by the hack are those that were made with a credit card, whereas if they were made through PayPal there is no security problem. Since the company have not yet reported if the problem was theirs or the third party provider responsible for managing payments.
The data was not processed securely on the OnePlus website
As we gathered yesterday, Fidus affirmed that there was a moment in which the data was not being used in a secure way: between the user entering the bank details in the web box, and these were sent to the web that processed the payment.
At that moment the data went through the OnePlus website in an unsafe way, so they could be intercepted. In addition, the security company highlighted that OnePlus does not operate in accordance with the PCI secure payment standard.
Therefore, we recommend that you do not buy anything for the moment on the OnePlus website until the problem is solved. We will see how this affects the company since its website is the only means that currently exists to buy its phone in virtually the entire world, including India as well. In the event that you have made a purchase on the web, or have received undue charges, we recommend that you contact your bank to block the card, and cancel payments and use your card insurance in case that it was necessary.
So, what do you think about this? Simply share all your views and thoughts in the comment section below.