OnePlus has sent a letter to customers this morning, and confirmed in a post on the company's forums, that it was the target of a credit card hack. The attack was accomplished via a malicious script injected into the OnePlus.net payment page code, and allowed the attackers to see customer's credit card numbers, expiration dates, and security codes - enough information to easily allow those cards to be used for fraudulent purchases. Days ago, some users had begun reporting fraudulent card activity on cards they'd used on the site.

OnePlus says the code was injected into its servers sometime in mid-November - just as the OnePlus 5T was about to launch.

Read More