O2 hired a hacker to uncover people's passwords, and it took just 3 minutes to break into accounts

Hackers can steal your password information in as little as three minutes
|SORA/ GB NEWS
All products and promotions are independently selected by our experts. To help us provide free impartial advice, we will earn an affiliate commission if you buy something. Click here to learn more
How you can protect yourself from these types of attacks
- Virgin Media O2 hired an ethical hacker to uncover passwords
- The company found that it takes only three minutes to steal a password
- Hackers can also find home addresses, phone numbers, and even places you've visited
- More than 50% of people worry about being hacked
- There are seven steps you can follow to protect yourself
Don't Miss
Most Read
Latest
If you've ever wondered how quickly someone could crack your password and break into your account, Virgin Media O2 has the answer — and it's a matter of minutes. The telecom brand brought in ethical hacker Brandyn Murtagh to demonstrate exactly how cybercriminals work their magic.
"It can take just three minutes for a hacker to find a password and put people's accounts at risk," Mr. Murtagh explained.
Even though "hacker" is in his job title, believe it or not, Mr. Murtagh's one of the good guys. He is what's known as a "White Hat" hacker, which means he deploys the same tricks as criminals to help fix security problems instead of causing them. It's through vigorous testing from White Hat hackers like Brandyn Murtagh that brands are able to improve their security processes and defences.
Passwords weren't the only thing Mr. Murtagh was able to steal in his time with Virgin Media O2.
The broadband and mobile network asked people to volunteer for a security assessment, in which they gave the ethical hacker their email address. With just this single piece of information, Brandyn was able to find personal data including their home address, phone number, and even places they’ve recently visited.
All this is from publicly available information from data breaches that have been pieced together online.
With the ease of hackers being able to steal information so quickly, fraud attempts have only continued to rise.
Figures from the Office of National Statistics show an eye-watering 4.2million incidents of fraud were reported between March 2024 and March 2024 in the UK, that's 81,000 attacks every single week.
Virgin Media O2's been busy trying to protect customers, too. They've blocked 500 million fraudulent texts this year alone and flag 50 million suspicious calls monthly. Their Advanced Security service has stopped 115 million unsafe websites and protected 4 million banking sessions in just one year.
In a matter of minutes, the White Hat Hacker was able to unearth people’s passwords – including those being used today – and personal data including their address, phone number and even places they’ve recently visited
So, how are hackers able to slip through so quickly?
Nearly 8 in 10 people are making the same dangerous mistake. Virgin Media O2's research found that 78% of Brits use identical or almost identical passwords across different online accounts.
You might be doing it too. People reuse passwords for their emails (35%), social media (31%), and even online banking (15%). So many of us know it's risky - more than 50% of people worry about being hacked.
LATEST DEVELOPMENTS
Switch to 1Password for FREE
The award-winning 1Password will generate and store unguessable passwords, passkeys, credit card numbers, national insurance numbers, and more. This encrypted vault is available across all of your devices. Its built-in WatchTower feature evaluates password strength and warns about data breaches that impact you. 1Password is currently free to test for 14 days with no obligation to subscribe
So, why do so many keep doing it?
It's simple, really. With several social media platforms, streaming services, software programs, etc., there are too many passwords to remember, so it's easy to stick with ones that are easy to recall, and typing long, complicated passwords can feel tedious.
Even those who've been hacked before admit they'd probably use the same passwords again. A quarter of password recyclers confess they'd go back to their old habits when opening new accounts.
Want to take extra precautions to stay safe?
Here are seven tips to take into consideration the next time you set-up a new account online...
- Never reuse passwords - not even with tiny changes like adding an exclamation mark. Hackers have tools that try all the common variations
- Make your passwords at least 14 characters long using a mix of letters, numbers and symbols. The longer, the better - it could take hackers years to crack these
- Always switch on two-factor authentication when it's available. You'll need to enter a code sent to your phone or email, so even if someone gets your password, they can't access your account if they need one of your devices
- Password managers are your best friend. They can create strong passwords for you and remember them all - much safer than writing them down or using your pet's name
- If you're starting to change your passwords, tackle the important ones first. Your financial accounts, email, mobile operator and work logins should be top priority - they've got your most sensitive information
- Be careful what you share online. Hackers connect the dots between your social media posts and login details, especially if you use your pet's name or birthday as passwords
- Public Wi-Fi's another risk. Your phone's mobile hotspot is much safer, or use a VPN if you must connect to public networks.