However, the forum post confirms that the severity and scale of the problem is far larger than initially thought, as the breach may have affected anyone who input credit card information on OnePlus' website from as far back as mid-November 2017 previous year.
The admission that there was a data breach comes three days after OnePlus announced that it was temporarily disabling credit card payments on its website. Shortly after these reports started rolling in, OnePlus posted on the forum to confirm that it was aware of the issue and that an investigation is underway. "One of our systems was attacked", the post reads. Card number, expiry date and security code have been compromised. OnePlus stresses that those who paid using saved credit card information, credit cards routed through PayPal, or PayPal itself likely aren't affected by this, which is good news.
OnePlus does a pretty decent job in letting people know what happened in its latest blog update.
Facebook will now ask users to rank news organizations they trust
As such, Facebook will ask users during a series of ongoing surveys what news sources they are familiar with and if they trust it. To do so, he said, Facebook chose to rely on member surveys as the most "objective" way to rank trust in news sources.
WhatsApp has a new business app for Android
There's a brand new official version of WhatsApp , but it won't be replacing the current green-icon messenger you know and love. The Business App seems like the foundation stone to the bigger enterprise solution that WhatsApp plans to create.
Apple pledges $350B toward USA economy with repatriated overseas cash
NPR's Laura Sydell told Kelly McEvers, host of All Things Considered , that Apple has kept some $250 billion outside the U.S. Apple told CNBC's Mad Money past year that it would invest $1 billion fund to promote advanced manufacturing jobs in the US.
OnePlus says it has eliminated the malicious script in question and stopped using the infected server, so the problems shouldn't persist. OnePlus has been working with a third-party security firm to look into how the apparent security breach occurred. It is also working with local authorities during the investigation. The Verge reports that the company is now working to launch a more secure credit card payment processing system before it re-enables standard payments, with hopes that this OnePlus credit card breach never happens again. OnePlus is suggesting that all recent customers check their card statements and report any signs of possible fraudulent activity directly to their bank. "All these measures will help us prevent such incidents from happening in the future", the company added.
It's too early to tell yet, but the company might be investigated by the PCI Security Standards Council for failing to encrypt payments information on its website.
Until the investigation is completed, credit card payments on the OnePlus online store will be suspended, with customers urged to complete payments via PayPal in the meantime. The company is also considering offering a year long subscription of credit monitoring service for free to all the customers who were affected.