OnePlus Online Payment System Reportedly Hacked as Customers Face Credit Card Misuse

By January 15th, 2018 AT 2:33 PM

Several OnePlus users on the forums page are now reporting their credit card misuse after their purchase on the OnePlus website recently. A user on OnePlus forums has posted that he recently used credit cards to purchase OnePlus smartphones, and now, he’s informed from his bank about several transactions requested on his credit card which has worried him. Right after this person, several other people joined the post and reported the same misuse of credit card.


The first person also reported that he did not use both the credit cards in the last six months, expect the OnePlus website to purchase the smartphones. We have reached out to OnePlus about the same issue and is yet to receive any response from them. We will update this post once the company gives us an update on the issue.

Meanwhile, we have the issue investigated by information security firm Fidus. The firm says that OnePlus is currently using the Magento e-commerce platform which is a common platform for credit card hacking.

Furthermore, Fidus says “the payment page which requests the customer’s card details is hosted ON-SITE and is not an iFrame by a third-party payment processor. This means all payment details entered, albeit briefly, flow through the OnePlus website and can be intercepted by an attacker. Whilst the payment details are sent off to a third-party provider upon form submission, there is a window in which malicious code is able to siphon credit card details before the data is encrypted.”


Straight away, Fidus highlighted two issues that stand out in the current OnePlus payment system. Firstly, “OnePlus do not appear to be PCI compliant, nor do they mention this anywhere on the website,” regarding the third-party provider usage. Secondly, OnePlus did not mention that they do not handle card payments that are made on its website.

While OnePlus is known for some great smartphones, they have been plagued with such issues in the past too. Also, the intensity of this issue is unknown at the moment. The Fidus investigation has nearly confirmed the issue is at OnePlus’ end itself, and it will be interesting to see how OnePlus responds to this.

Update: OnePlus has now given some clarity on this issue which you can read it over here.

Read more on:

Leave a Reply

Photo and Image Files
2 Comment threads
0 Thread replies
Most reacted comment
Hottest comment thread
2 Comment authors
Airtel LoverJason Recent comment authors
newest oldest most voted
Airtel Lover
Airtel Lover

Had to happen one day with this Chinese crap 🙁


omg, i am reading the official thread for more details. And yes it was confirmed by many users…one after the other OP gets the hit..Hope an official release of the issue fixed come soon!..

Recent Posts

Redmi Teases Ultra Premium Gold Clad Special Variant of K20 Pro Hours Ahead of India Launch

The Redmi K20 Pro is going to be one of the biggest launches by Xiaomi this year in India. The...

Hathway Broadband ARPU Dipped to Rs 650 in Q1 FY20

Hathway Cable and Datacom has released its financial report for the quarter ending June 2019. The financial statement of the...

Twitter Desktop Redesign Starts Rolling Out, Users Disappointed With the New Look

Call it a sureshot Snapchat redesign fiasco in the making. The new Twitter look on desktop left users baffled on...