OnePlus Online Payment System Reportedly Hacked as Customers Face Credit Card Misuse

Follow Us

Several OnePlus users on the forums page are now reporting their credit card misuse after their purchase on the OnePlus website recently. A user on OnePlus forums has posted that he recently used credit cards to purchase OnePlus smartphones, and now, he's informed from his bank about several transactions requested on his credit card which has worried him. Right after this person, several other people joined the post and reported the same misuse of credit card.

oneplus-5t-star-wars-edition-telecomtalk-10




The first person also reported that he did not use both the credit cards in the last six months, expect the OnePlus website to purchase the smartphones. We have reached out to OnePlus about the same issue and is yet to receive any response from them. We will update this post once the company gives us an update on the issue.

Meanwhile, we have the issue investigated by information security firm Fidus. The firm says that OnePlus is currently using the Magento e-commerce platform which is a common platform for credit card hacking.

Furthermore, Fidus says "the payment page which requests the customer’s card details is hosted ON-SITE and is not an iFrame by a third-party payment processor. This means all payment details entered, albeit briefly, flow through the OnePlus website and can be intercepted by an attacker. Whilst the payment details are sent off to a third-party provider upon form submission, there is a window in which malicious code is able to siphon credit card details before the data is encrypted."

oneplus-credit-card-issue

Straight away, Fidus highlighted two issues that stand out in the current OnePlus payment system. Firstly, "OnePlus do not appear to be PCI compliant, nor do they mention this anywhere on the website," regarding the third-party provider usage. Secondly, OnePlus did not mention that they do not handle card payments that are made on its website.

While OnePlus is known for some great smartphones, they have been plagued with such issues in the past too. Also, the intensity of this issue is unknown at the moment. The Fidus investigation has nearly confirmed the issue is at OnePlus' end itself, and it will be interesting to see how OnePlus responds to this.

Update: OnePlus has now given some clarity on this issue which you can read it over here.

Recent Comments

Hum Tum :

Losses for Operators: Jio lost 79,60,000 subscribers.Vi (Vodafone Idea) lost 15,50,000 subscribers.Airtel lost 14,30,000 subscribers.So, the total loss across these…

Jio, Airtel, and Vodafone Idea See Subscriber Losses, While BSNL…

TheAndroidFreak :

BSNL will do wonders when sites reaches 3L with 700Mhz. It will take three years. But next one year or…

Jio, Airtel, and Vodafone Idea See Subscriber Losses, While BSNL…

TheAndroidFreak :

Yes. 4s Gen 2 no longer operates in 5G NSA (Non-Standalone) mode and supports 5G SA (Standalone) mode only, with…

Airtel's 5G Won't Work on Redmi A4 5G

TheAndroidFreak :

Off Topic : Jio is testing 5G on band 40 and 5.

Jio, Airtel, and Vodafone Idea See Subscriber Losses, While BSNL…

TheAndroidFreak :

I mean a lot of other devices attached to dongle.

Jio, Airtel, and Vodafone Idea See Subscriber Losses, While BSNL…

Load More
Subscribe
Notify of
2 Comments
newest
oldest most voted
Inline Feedbacks
View all comments