The New York Attorney General Letitia James has notified seventeen different companies of cyberattacks that compromised user information. The attacks were discovered during an investigation into credential stuffing, and more than one million customer accounts were compromised. James reported that the attacks were previously undetected. The businesses included well-known online retailers, restaurant chains, and food delivery services, however, it is unknown which specific companies were affected.
Last year, the FBI reported that credential stuffing attacks were used to compromise 50,000 online bank accounts since 2017. Akamai also released a report regarding credential stuffing attacks, stating that 193 billion attacks occurred globally in 2020 alone. James stated that there are more than 15 billion stolen credentials currently in circulation on the internet. James also said that businesses have the responsibility to take appropriate action in protecting their customers online accounts and privacy.
Read More: NY AG notifies 17 companies of breaches, says 1.1 million accounts compromised in attacks