Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Up to 40K Affected in Credit Card Breach at OnePlusUp to 40K Affected in Credit Card Breach at OnePlus
The smartphone manufacturer has sent an email to anyone who may have been affected in the breach.
1 Min Read
Chinese smartphone manufacturer OnePlus has reported a credit card breach affecting up to 40,000 users at oneplus.net. Users who entered their credit card data on the website between mid-November 2017 and January 11, 2018 could be at risk.
Over the weekend of Jan. 13, OnePlus customers reported unknown credit card transactions appearing on their accounts following purchases from oneplus.net. The company began an investigation and learned one of its systems was attacked. A malicious script was injected into the payment page code to discover credit card information as it was being entered.
The malicious script has been eliminated, the infected server quarantined, and all relevant system structures reinforced. Users who paid using a saved credit card, the "Credit Card via PayPal" option, or PayPal should not be affected, OnePlus reports.
"This breach should be a reminder that HTTPS, while encrypted, is not a guarantee of a secure transaction as attackers can compromise the systems at both ends of any encrypted conversation," says Chris Morales, head of security analytics at Vectra.
Read more details here.
About the Author
You May Also Like
More Insights
Webinars
Shifting Left: DevSecOps in the Cloud
Feb 4, 2025Uncovering Threats to Your Mainframe & How to Keep Host Access Secure
Feb 13, 2025Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025
