OnePlus Website Gets Hacked, Credit Card Details Of Customers Compromised

For a few days now, there have been reports circulating on social media that a number of people who previously made purchases via the OnePlus website have subsequently found themselves on the receiving end of fraudulent transactions on their cards. This has, unfortunately, now been confirmed by OnePlus as well, with the company emailing customers and releasing a statement confirming that anyone who has made a purchase via its website since November may be at risk.

According to OnePlus, the issue came about thanks to code that was injected into its servers some time during November, allowing a third party to steal credit card numbers, expiry dates, and security codes – plenty of information to make fraudulent purchases. If you made a purchase via over the past three months, your card details were possibly compromised. If you paid via PayPal, however, you are safe and sound. OnePlus also points out that saved card details entered into the site before November are also not impacted by this issue.

For now, PayPal is the only option available during checkout on the OnePlus website, and we expect that to remain the case for some time yet. If you did make a purchase from November onward, and used a card as the payment method, we suggest you cancel that card ASAP and check your statements for transactions that you do not recognize as legitimate. Below is the full OnePlus statement outlining what has happened, including confirmation that OnePlus is now carrying out a full security audit to ensure it can prevent similar incidents occurring in the future.

We are deeply sorry to announce that we have indeed been attacked, and up to 40k users at may be affected by the incident. We have sent out an email to all possibly affected users.

  1. What happened

One of our systems was attacked, and a malicious script was injected into the payment page code to sniff out credit card info while it was being entered.

  • The malicious script operated intermittently, capturing and sending data directly from the user’s browser. It has since been eliminated.
  • We have quarantined the infected server and reinforced all relevant system structures.
  1. Who’s affected
  • Some users who entered their credit card info on between mid-November 2017 and January 11, 2018, may be affected.
    • Credit card info (card numbers, expiry dates and security codes) entered at during this period may be compromised.
    • Users who paid via a saved credit card should NOT be affected.
    • Users who paid via the “Credit Card via PayPal” method should NOT be affected.
    • Users who paid via PayPal should NOT be affected.
  • We have contacted potentially affected users via email.
  1. What you can do
  • We recommend that you check your bank statements and report any charges you don’t recognise to your bank. They will help you initiate a chargeback and prevent any financial loss. · For enquiries, please get in touch with our support team at
  • If you notice any potential system vulnerabilities, please report them to This is a monitored inbox, but we may not be able to respond to all reports.
  1. What we are doing

We cannot apologize enough for letting something like this happen. We are eternally grateful to have such a vigilant and informed community, and it pains us to let you down.

We are in contact with potentially affected customers. We are working with our providers and local authorities to better address the incident. We are working with our current payment providers to implement a more secure credit card payment method, as well as conducting an in-depth security audit. All these measures will help us prevent such incidents from happening in the future.

You may also like to check out:

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the Web.