News you can trust since 1853
Edit Account-Sign Out
My AccountSign Out
NationalWorldTV
BREAKING
Asda and Lidl shoppers issued urgent warning as products recalled
ITV announce external review following Phillip Schofield’s exit
Nasa holds first public meeting about UFO sightings
Couple ‘absolutely ecstatic’ after winning £300,000 on scratchcard
Peter Andre GB News debut causes huge social media row
Sky customers banned from sharing Netflix accounts

O2 customer data being sold to criminals on dark net, investigation finds

O2 customer data including phone numbers, emails, passwords and dates of birth, is being sold by criminals on the dark net.
By The Newsroom
Published 30th Jul 2016, 09:00 BST- 1 min read
O2 issueO2 issue
O2 issue

The data was almost certainly obtained by using usernames and passwords first stolen from gaming website XSplit three years ago to log onto O2 accounts, the BBC’s Victoria Derbyshire programme has learned.

When the log-in details matched, the hackers could access O2 customer data in a process known as “credential stuffing”.

Hide Ad
Hide Ad

O2 says it has reported the case to police, and is helping the inquiry.

It is highly likely this technique will have been used to log onto other companies’ accounts, too.

Most Popular

All the O2 account holders whose details the BBC has seen have been informed, with many saying they had used the same login for other online accounts.

O2 said in a statement: “We have not suffered a data breach. Credential stuffing is a challenge for businesses and can result in many company’s customer data being sold on the dark net.

Hide Ad
Hide Ad

“We have reported all the details passed to us about the seller to law enforcement and we continue to help with their investigations.”