If the position of these words is known, then yes. Definetely crackable. Within a short timeframe.
(2048 * 24) * (2048 * 24) * (2048 * 24) = 118,747,260,000,000+ combinations (note, I'm very tired, so this math is probably really wrong
![Tongue](https://bitcointalk.org/Smileys/default/tongue.gif)
If an attacker had 3 (out of 24) words without knowing any particular spot/order the amount of combinations would be:
Amount of 'iterations' when choosing 3 position out of 24 to guess (24 choose 3) = 2024 (without any order of these 3 words) -> (2024 * 3!) = 12 144 (considering all possible orders)
Now for each of these iteration you need to check 21 positions with 2048 words (204821) = 3,45087317 * 1069 combinations.
To sum it up: 12 144 * 3,45087317 * 1069 = 4,19074038 × 1073 would be the amount of combination.
Thats just slightly below the 2,96427748 × 1079 combinations from the full 24 words. Still considered safe.
Just saw its mentioned the other way around
![Roll Eyes](https://bitcointalk.org/Smileys/default/rolleyes.gif)
With 21 out of 24 words known you have 2024 possibilities to chose the position of the word -> multiplied with 3! -> 12 144 combinations to check.
Now each of those combinations has 20483 possibilities to get 'filled' -> 20483 * 12 144 = 104 316 165 685 248 combinations an attacker had to check.
I would say this is definetely possible to crack.
If you aren't sure whether your seed got compromised (or if you are sure it got somehow lost/compromised) you should create a new wallet/seed ASAP.