Over 460,000 E-Retailer User Accounts Hacked
Between April 23 and May 10, threat actors compromised 461,091 user accounts for the e-commerce portals of Uniqlo and GU, the Japanese company that owns the two brands acknowledged in a statement on Monday. Fast Retailing Co., the biggest retail firm in Asia, said that hackers managed to obtain access
The Anatomy of Highly Profitable Credential Stuffing Attacks
A new elaborate report by Recorded Feature takes a deep dive into the world of credential stuffing. In a credential stuffing attack, a threat actor uses leaked or stolen login credentials for user accounts of one service, to try to gain access to accounts for another service, based on the knowledge
28 Billion Credential Stuffing Attempts During Second Half of 2018
A new Akamai report sheds light on the immense popularity of credential stuffing attacks among cyber criminals. In a credential stuffing attack, a threat actor uses leaked or stolen login credentials for user accounts of one service, to try to gain access to accounts for another service, based on the
Attackers Continue to Focus on Users, Well-Worn Techniques
Two new research reports indicate that threat actors mostly rely on traditional techniques, including phishing and credential stuffing, to target organizations. Trend Micro’s yearly security report for 2018 shows that the company detected 82% more phishing URLs in 2018 than it did the year before. The other report, a Rapid7
Double-Stuffed: Dunkin’ Hit by Another Credential-Stuffing Attack
For the second time in three months, Dunkin’ Donuts has stopped a credential stuffing attack targeting it’s loyalty program. The company believes the attackers aimed to compromise loyalty accounts by trying out login credentials for user accounts with other companies that have suffered a data breach. Credential stuffing takes advantage of
Dailymotion Resets Passwords After Credential Stuffing Attack
Credential stuffing attacks are on the rise. The latest victim is video platform Dailymotion, which has forced users to reset their passwords after it discovered that threat actors were attempting to access user accounts using stolen login credentials for other websites. The credential stuffing attacks began on January 19 and
Reddit users locked out of accounts after “security concern”
Reddit has informed a large number of users about a “security concern” that requires them to reset their passwords. The security concern refers to unusual user behavior spotted by Reddit admins, which indicated a credential-stuffing attack affecting many accounts. One Reddit admin explained that the company suspects threat actors were