credential stuffing

Pierluigi Paganini March 20, 2024
Pokemon Company resets some users’ passwords

The Pokemon Company resets some users’ passwords in response to hacking attempts against some of its users. The Pokemon Company announced it had reset the passwords for some accounts after it had detected hacking attempts, Techcrunch first reported. The company was likely the target of credential stuffing attacks. Credential stuffing is an attack in which hackers […]

Pierluigi Paganini November 20, 2023
US teenager pleads guilty to his role in credential stuffing attack on a betting site

US teenager Joseph Garrison pleads guilty to carrying out a credential stuffing attack on a betting website. US teenager Joseph Garrison (19) has pleaded guilty to his involvement in a credential stuffing campaign that targeted user accounts at a fantasy sports and betting website.3 On or about November 18, 2022, the man launched a credential […]

Pierluigi Paganini March 05, 2023
Credential Stuffing attack on Chick-fil-A impacted +71K users

American fast-food restaurant chain Chick-fil-A reported that the accounts of over 71K users were compromised as a result of a credential stuffing campaign. The American fast-food restaurant chain Chick-fil-A notified over 71K users that their accounts have been compromised in a credential stuffing campaign that lasted at least two months. Upon discovering the attack, the […]

Pierluigi Paganini January 20, 2023
PayPal notifies 34942 users of data breach over credential stuffing attack

PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. PayPal announced that 34942 customers’ accounts have been compromised between December 6 and December 8. The company added that the unauthorized accessed were the result of credential stuffing attacks and that its systems were not […]

Pierluigi Paganini October 30, 2022
Air New Zealand warns of an ongoing credential stuffing attack

Air New Zealand suffered a security breach, multiple customers have been locked out of their accounts after the incident. Air New Zealand suffered a security breach, threat actors attempted to access customers’ accounts by carrying out credential-stuffing attacks. What is credential stuffing? “Credential stuffing is a type of attack in which hackers use automation and lists […]

Pierluigi Paganini January 06, 2022
Threat actors stole 1.1 million customer accounts from 17 well-known companies

NY OAG warned 17 companies that roughly 1.1 million of their customers have had their user accounts compromised in credential stuffing attacks. The New York State Office of the Attorney General (NY OAG) has warned 17 companies that roughly 1.1 million accounts of their customers were compromised in credential stuffing attacks. Credential stuffing attacks involve […]

Pierluigi Paganini February 18, 2021
Credential stuffing attack hit RIPE NCC: Members have to enable 2FA

RIPE NCC has disclosed a failed credential stuffing attack against its infrastructure, it asking its members to enable 2FA for their accounts. RIPE NCC announced to have suffered a credential stuffing attack attempting to gain access to single sign-on (SSO) accounts. The RIPE NCC is a not-for-profit membership association, a Regional Internet Registry and the […]

Pierluigi Paganini November 24, 2020
Credential stuffing attack targeted 300K+ Spotify users

Researchers uncovered a possible credential stuffing campaign that is targeting Spotify accounts using a database of 380 million login credentials. Security experts from vpnMentor have uncovered a possible credential stuffing operation that affected some Spotify accounts. Threat actors behind the campaign are using a database containing over 380 million records, including login credentials and other data for […]

Pierluigi Paganini July 09, 2020
15 billion credentials available in the cybercrime marketplaces

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. A report published by security firm Digital Shadows revealed the availability of more than 15 billion credentials shared on cybercrime marketplaces, paste sites, file sharing services, and code sharing websites. Over the past few […]

Pierluigi Paganini April 13, 2020
500,000+ Zoom accounts available for sale on the Dark Web

Zoom accounts are flooding the dark web, over 500 hundred thousand Zoom accounts are being sold on hacker forums. Over 500 hundred thousand Zoom accounts are available for sale on the dark web and hacker forums. Sellers are advertising them for .0020 cents each, in some cases they are offered for free. The huge trove of […]