We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
EE Data Breach
DanDan889
Posts: 2 Newbie
in Phones & TV
Hi All,
Looking for some advice for my sister.
A few days ago a delivery service delivered a package to her house, some time later someone else shows up claiming to be from the same delivery company explaining that the package had been delivered to her by mistake, my sister didn't question the delivery guy and handed over the package - Note that my sister hadnt actually opened the package yet, so had no idea what was inside.
Later that day she receives a message from EE thanking her for upgrading her phone to a new iPhone... Bells obviously start to ring as she didn't agree to such a purchase, she then receives additional messages thanking her for purchasing Top-Ups and adding additional numbers to her account. At this point she realises that her EE account has clearly been compromised so she contacts EE to explain the situation. They've since passed everything onto the Fraud Dept.
Now here's the really interesting part!
EE advise my sister to change her EE account password, however this doesnt prevent further purchases of top-ups and additional numbers being added to the account. Now when my sister told me this it was clear to me that there was a good chance EE's database had been compromised somehow. I mean how else would someone be able to access her account following a change to the password - I've listed some ideas below. Access to the account has since been blocked by EE whilst they resolve the issue.
So the question is how has this happened and what should my sister do next? I personally think she should have EE resolve the situation ASAP and then cancel her subscription with them.
Also, how has this happened? What I think has happened:
Looking for some advice for my sister.
A few days ago a delivery service delivered a package to her house, some time later someone else shows up claiming to be from the same delivery company explaining that the package had been delivered to her by mistake, my sister didn't question the delivery guy and handed over the package - Note that my sister hadnt actually opened the package yet, so had no idea what was inside.
Later that day she receives a message from EE thanking her for upgrading her phone to a new iPhone... Bells obviously start to ring as she didn't agree to such a purchase, she then receives additional messages thanking her for purchasing Top-Ups and adding additional numbers to her account. At this point she realises that her EE account has clearly been compromised so she contacts EE to explain the situation. They've since passed everything onto the Fraud Dept.
Now here's the really interesting part!
EE advise my sister to change her EE account password, however this doesnt prevent further purchases of top-ups and additional numbers being added to the account. Now when my sister told me this it was clear to me that there was a good chance EE's database had been compromised somehow. I mean how else would someone be able to access her account following a change to the password - I've listed some ideas below. Access to the account has since been blocked by EE whilst they resolve the issue.
So the question is how has this happened and what should my sister do next? I personally think she should have EE resolve the situation ASAP and then cancel her subscription with them.
Also, how has this happened? What I think has happened:
- A. EE's customer Db has been hacked either recently or within the last 5 or so years. Customer data being sold on the dark web to fraudsters.
- B. Someone working within EE is working with these fraudsters - Strong possibility as how else are were they able to access her account without needing to reset her password.
- C. Has some sort of Spyware on her device
0
Comments
-
C is by far the most likely option.
She needs to review her domestic security measures.3 -
Yeah based on everything I've heard so theory C also carries some weight.1
-
or (common) D. she uses the same security details lots of places and it was compromised somewhere else and re-used on EE site. Check her email on haveibeenPwned4
-
And once the phone/computer or whatever has been sanitized, install a password manager (LastPass for instance) and use the random password generator to change every single password she has.Lorian said:or (common) D. she uses the same security details lots of places and it was compromised somewhere else and re-used on EE site. Check her email on haveibeenPwned
0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.3K Banking & Borrowing
- 252.9K Reduce Debt & Boost Income
- 453.2K Spending & Discounts
- 243.3K Work, Benefits & Business
- 597.8K Mortgages, Homes & Bills
- 176.6K Life & Family
- 256.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards