From mid-November 2017 until 11 January this year, the site of the manufacturer of smartphones OnePlus worked a malicious script that stole payment data from users when they made out the purchase. Such a recognition the company made after the beginning of the appearance of reports of fraud with cards, through which payment was made on the official website of OnePlus. In total, according to the manufacturer, about 40,000 customers were stolen. At the same time, users who already had a card on the site, as well as those who paid through PayPal or with its help, ostensibly should not suffer from hacking.
OnePlus also reported that they disabled the server with a malicious script, checked all systems and are now working with their payment system to improve security features. In this case, the company must contact all affected customers, but the official message does not say whether compensation will be given to them.
Recall that this is not the first time that OnePlus gets into a scandal involving a careless attitude to user data. Last year, she was convicted of unauthorized collection of information on her smartphones , as well as the fact that she specifically left the backdoor in her firmware .