Beijing, China (Web Desk): Nearly 40,000 customers of Chinese company OnePlus , were caught out by hackers who stole credit card details from the official website of phone maker.

Earlier this week after learning about the attack, the company stopped taking card payments via its site.

Recently an investigation has revealed that attackers stole data by exploiting a loophole in its payment system between mid-November 2017 and 11 January.

The company apologised and said affected customers would get free help to resolve card problems.

The Chinese media reported, OnePlus confirmed that it had been attacked adding: "a malicious script was injected into the payment page code to sniff out credit card info while it was being entered".

The company added that the malicious script ran "intermittently" and has now been expunged from the affected server. However, the loophole in its payment system that it exploited had also been eliminated.