Smartphone maker OnePlus has confirmed that the recent credit card security breach on its official website has affected up to 40,000 customers.
Earlier this week, customers complained of fraudulent transactions being made from their credit cards after they shopped from OnePlus' online store.
OnePlus has since shut down the facility of making credit card payments on its website.
A third-party investigation confirmed that customers' credit card information was indeed stolen while they were buying OnePlus goods.
It revealed that a script was installed on OnePlus' payment processing servers that captured all credit card information like security codes and card numbers from customers' browsers.
The malicious script has been eliminated but the ongoing investigation is still determining how OnePlus' servers were broken into.
As compensation, the company is offering affected customers free credit monitoring service for an entire year.
While credit card payments remain suspended on OnePlus' website, customers can still shop through PayPal.
The company has also assured that it is working to put a more secure credit card payment method in place before making the facility available again.
"We cannot apologize enough for letting something like this happen. We are eternally grateful to have such a vigilant and informed community, and it pains us to let you down," OnePlus said.
Want to share it with your friends too?
Love Science news?
Subscribe to stay updated.