17 January, 2018
Fidus Information Security, based on these reports have undergone the payment security system on the OnePlus website, they have found that "The payment page which requests the customer's card details is hosted ON-SITE".
If you have recently picked up a OnePlus smartphone directly from the company's website, then you may want to keep an eye on your credit card statements. The company is looking into the issue, which appears to be connected with direct credit card payments only and not PayPal purchases.
There's potentially bad news cropping up for OnePlus this morning, as some users are reporting that their credit cards have been compromised after making a purchase on the OnePlus website. OnePlus, in a blog post, said the company "immediately began investigating as a matter of urgency" and this is an "ongoing investigation". However, the company is also known to find itself in hot waters often for different reasons - with the latest one being credit card frauds. If you notice any unusual activity on your credit or debit card, OnePlus recommends contacting your bank/card issuer directly before doing anything else.
According to the firm, OnePlus is now using the Magento e-Commerce platform, which is a common platform for credit card hacking and is known to contain cybersecurity flaws for at least two years.
Espanyol boss Quique Sanchez Flores turns down move to Stoke City
I'm in a great city and am involved in one of the best leagues in the world. We feel good and it is very hard for someone to leave.
A customer opened a thread over the weekend claiming that recent credit card fraud he experienced was connected to his OnePlus purchase. It revealed that each of the reports included customers who made card payments at oneplus.net. But they will not be able to decrypt the token so they can't access your credit card info. "Oneplus.net was initially built on the Magento eCommerce platform".
The company says that it uses various protocols to safeguard users' payment information, including sharing data over encrypted connections. "They will help you initiate a charge back and prevent any financial loss".
The company is investigating the issue with its third-party provider and is also conducting a "complete audit" of its website, which has HTTPS enabled.