CyberNews Briefs

63 billion credential stuffing attacks hit retail, hospitality, travel industries

Security firm Akamai has published a report detailing criminal activity pertaining to a massive wave of credential stuffing attacks targeting the retail, travel, and hospitality industries. The campaign occurred between July of 2018 and June 2020. Akamai’s report includes examples of advertisements on the darknet demonstrating how cybercriminals gain financial compensation for the successful attacks and the subsequent data theft.

Credential stuffing has risen in popularity as a successful attack form among threat actors, according to Akamai, due to their nature in containing tons of personal and financial information. Retail and loyalty profiles are an attractive target to cybercriminals, as they can sell personal information to other criminals who will later use the data for further attacks such as phishing attempts. During the COVID-19 pandemic, criminals allegedly recirculated old credential lists in an effort to detect new vulnerable accounts. According to security researchers, more than 100 billion credential stuffing attacks were observed between July of 2018 and June 2020.

Read More: 63 billion credential stuffing attacks hit retail, hospitality, travel industries

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.