After being discovered to sneakily harvest hoards of user data, Chinese company, OnePlus, is making headlines again for their lax approach to customer data security. This time, they are faced with the serious matter of credit card fraud.
Several OnePlus customers have experienced wacky credit card transactions on the cards they used to buy a device directly from the provider’s official website. According to a poll and discussion on OnePlus forums, at least 68 people are reporting incidences of credit card fraud they have experienced after OnePlus transactions running from very recent to more than four months ago.
OnePlus confirmed they were investigating it as “a matter of urgency.”
How did it happen?
As Findus Information Security reports, OnePlus use Magento eCommerce, a platform that has previously been compromised by hackers. On top of that, when paying by card, all details must be filled out on a form on the OnePlus website BEFORE being sent to the third party provider and encrypted. This gives hackers a nice little window to intercept all the details. As OnePlus 5T is one of the most popular phones at the minute, hackers saw an opportunity on a company website that is not Payment Card Industry Data Security Standard PCI compliant.
OnePlus make great smartphones—this blogger has one, she bought it on the company website using PayPal (thankfully), and it is a thing of beauty—their track record on securing customer data is pretty terrible though.
If you take your data security seriously, download get2Clouds® from NOS Microsystems today. It’s the safest way to chat and share files online.