Some OnePlus credit customers’ data may be at risk

OnePlus is investigating widespread reports of its customers confronting fraudulent activity on their credit accounts after purchasing a phone from the company.

A user-generated poll posted on the company’s community forum found that most who found fraud — a lot of it on gambling charges — had purchased their device within the last two months. Social media checks found that many of those customers were from the United Kingdom. Those using PayPal or another third-party processor were apparently not affected.

This morning, OnePlus only said that it is working with its partners to look into the issue and that affected customers should initiate chargebacks with their banks. The company says that it is auditing its custom HTTPS-encrypted payment platform. It also claims to have moved away from the CyberSource Magneto platform, a processing system targeted by a big vulnerability in 2015.

Third-party information security firm Fidus has since reported, though, that OnePlus is using the Magneto add-on to its custom on-site system. It posits two theories: either malicious script on OnePlus’s site was placed and then cleaned up or a bigger issue could lie with CyberSource itself.

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Jules Wang
Jules Wang is News Editor for Pocketnow and one of the hosts of the Pocketnow Weekly Podcast. He came onto the team in 2014 as an intern editing and producing videos and the podcast while he was studying journalism at Emerson College. He graduated the year after and entered into his current position at Pocketnow, full-time.