OnePlus Online Payment System Reportedly Hacked as Customers Face Credit Card Misuse

By January 15th, 2018 AT 2:33 PM

Several OnePlus users on the forums page are now reporting their credit card misuse after their purchase on the OnePlus website recently. A user on OnePlus forums has posted that he recently used credit cards to purchase OnePlus smartphones, and now, he’s informed from his bank about several transactions requested on his credit card which has worried him. Right after this person, several other people joined the post and reported the same misuse of credit card.


The first person also reported that he did not use both the credit cards in the last six months, expect the OnePlus website to purchase the smartphones. We have reached out to OnePlus about the same issue and is yet to receive any response from them. We will update this post once the company gives us an update on the issue.

Meanwhile, we have the issue investigated by information security firm Fidus. The firm says that OnePlus is currently using the Magento e-commerce platform which is a common platform for credit card hacking.

Furthermore, Fidus says “the payment page which requests the customer’s card details is hosted ON-SITE and is not an iFrame by a third-party payment processor. This means all payment details entered, albeit briefly, flow through the OnePlus website and can be intercepted by an attacker. Whilst the payment details are sent off to a third-party provider upon form submission, there is a window in which malicious code is able to siphon credit card details before the data is encrypted.”


Straight away, Fidus highlighted two issues that stand out in the current OnePlus payment system. Firstly, “OnePlus do not appear to be PCI compliant, nor do they mention this anywhere on the website,” regarding the third-party provider usage. Secondly, OnePlus did not mention that they do not handle card payments that are made on its website.

While OnePlus is known for some great smartphones, they have been plagued with such issues in the past too. Also, the intensity of this issue is unknown at the moment. The Fidus investigation has nearly confirmed the issue is at OnePlus’ end itself, and it will be interesting to see how OnePlus responds to this.

Update: OnePlus has now given some clarity on this issue which you can read it over here.

Read more on:

Leave a Reply

Photo and Image Files
2 Comment threads
0 Thread replies
Most reacted comment
Hottest comment thread
2 Comment authors
Airtel LoverJason Recent comment authors
newest oldest most voted
Airtel Lover
Airtel Lover

Had to happen one day with this Chinese crap 🙁


omg, i am reading the official thread for more details. And yes it was confirmed by many users…one after the other OP gets the hit..Hope an official release of the issue fixed come soon!..

Recent Posts

MIUI Now Gets App Drawer Support and Many Features of Poco Launcher

Xiaomi’s custom UI, the MIUI is probably one of the most popular custom ROMs on the planet right now because...

Poco to Venture into Multiple Price Segments This Year Starting With Poco X2

Poco is slowly making inroads into the Indian smartphone market again. After separating from Xiaomi, the company is all set...

Infinix S5 Pro to Offer Pop-Up Selfie Camera Under Rs 10,000

Infinix S5 Pro will make its debut in India next month as the country’s cheapest phone with a pop-up selfie...