Criminals are selling British O2 customers’ online identities on the Dark Web
Coldhearted con-men could RUIN victims' lives using devastating stolen info
Crooks are flogging British O2 customers' stolen online identities on the dark web, researchers have revealed.
Cyber-scammers managed to nick usernames and passwords during a hack on a popular gaming website.
In some cases, this information was enough to let hackers log onto victims' O2 accounts and escape with vital information.
An ethical hacker w, who were able to get enough data about one victim to trace her address.
Hasnain Shaw, from Chester, said: "I was away from home when eBay contacted me to say there was some suspicious activity on my account. I checked and it looked like there were cars for sale on my account.
"Four weeks ago, I got a similar email from Gumtree. It looked like the same people had got access to that account because it was the same cars being advertised."
The risk arises when people use the same email address and password on many different online services.
If crooks get their hands on this info, they immediately use automatic software to see if it can be used to access other accounts - a process known as credential stuffing.
Related Stories
In a statement, O2 said: "Credential stuffing is a challenge for many businesses. We have reported all the details passed to us about the seller to law enforcement and we continue to help with their investigations.
"We act immediately if we are given evidence of personal credentials being taken from the internet and used to try and compromise a customer's account."
We pay for your stories! Do you have a story for The Sun Online news team? Email us at [email protected] or call 0207 782 4368