home.social

#credentialstuffing — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #credentialstuffing, aggregated by home.social.

  1. Have I Been Pwned (HIBP) adds nearly 2 billion email addresses from Synthient credential-stuffing data, expanding the exposure database and underscoring the risk of reused passwords. 🔐💥 Read the full details: cyberinsider.com/hibp-adds-2-b #CyberSecurity #HIBP #CredentialStuffing #DataBreach #PasswordSecurity
    #privacy #security

  2. 🥱Oh no, yet another riveting tale of "credential stuffing"—because apparently, reminding us that passwords are our Achilles' heel never gets old. 🤪 Dan Moore heroically informs us that attackers are... get this... using stolen credentials! 😱 Next thing you know, he'll reveal that water is wet and the sky is blue. 🌧️🌤️
    ciamweekly.substack.com/p/cred #credentialstuffing #passwordsecurity #cybersecurity #databreach #onlineprivacy #HackerNews #ngated

  3. DraftKings just faced a breach—not from some sci-fi hack but through the all-too-common tactic of credential stuffing. Reusing passwords made it easy for attackers. How secure are your accounts? Dive in to learn the warning signs and how to protect yourself.

    thedefendopsdiaries.com/creden

    #credentialstuffing
    #databreach
    #passwordsecurity
    #multifactorauthentication
    #cybersecuritytips

  4. When Strong Passwords Fail: Lessons from a Silent, Persistent Attack

    1,038 words, 5 minutes read time.

    As an IT professional, I pride myself on maintaining robust security practices. I use unique, complex passwords, enable two-factor authentication (2FA), and regularly monitor my accounts. Despite these precautions, I recently experienced a security breach that served as a stark reminder: even the most diligent efforts can fall short if certain vulnerabilities are overlooked.

    The Unexpected Breach

    I maintain a Microsoft 365 Developer account primarily for SharePoint development. This account isn’t part of my daily workflow; it’s used sporadically for testing and development purposes. To secure it, I employed a 36-character random password—a combination of letters, numbers, and symbols. This password was unique to the account and stored securely.

    Despite these measures, I received a notification early one morning indicating a successful login attempt from an unfamiliar location. Fortunately, 2FA was enabled, and the unauthorized user couldn’t proceed without the second authentication factor. This incident prompted an immediate investigation into how such a breach could occur despite stringent password security.

    The Silent Persistence of Attackers

    Upon reviewing the account’s activity logs, I discovered a disturbing pattern: months of failed login attempts originating from various IP addresses. These attempts were methodical and spread out over time, likely to avoid triggering security alerts or lockouts. This tactic, known as a “low and slow” brute-force attack, is designed to fly under the radar of standard security monitoring systems.

    Such persistent attacks underscore the importance of not only having strong passwords but also implementing additional security measures. According to the Cybersecurity and Infrastructure Security Agency (CISA), 2FA is essential to web security because it immediately neutralizes the risks associated with compromised passwords. If a password is hacked, guessed, or even phished, that’s no longer enough to give an intruder access: without approval at the second factor, a password alone is useless.

    The Vulnerability of Dormant Accounts

    One critical oversight on my part was the assumption that an infrequently used account posed less of a security risk. In reality, dormant accounts can be prime targets for attackers. These accounts often retain access privileges but are not actively monitored, making them susceptible to unauthorized access. As noted by security experts, dormant accounts often fly under the radar, making them perfect targets for threat actors. Since they aren’t actively monitored, cybercriminals can exploit them for weeks—or even months—before being detected.

    This realization led me to reassess the security of all my accounts, especially those not regularly used. It’s imperative to treat every account with the same level of scrutiny and protection, regardless of its frequency of use.

    Immediate Actions Taken

    In response to the breach, I took several immediate steps to secure the compromised account and prevent future incidents:

    First, I changed the account’s password to a new, equally complex and unique one. Recognizing that the email address associated with the account might have been targeted, I updated it to a more obscure variation, reducing the likelihood of automated credential stuffing attacks.

    Next, I thoroughly reviewed the account’s security settings, ensuring that all recovery options were up-to-date and secure. I also examined the activity logs for any other suspicious behavior and reported the incident to Microsoft for further analysis.

    Finally, I conducted a comprehensive audit of all my accounts, focusing on those that were dormant or infrequently used. I enabled 2FA on every account that supported it and closed any accounts that were no longer necessary.

    Lessons Learned

    This experience reinforced several critical lessons about cybersecurity:

    Firstly, password strength alone is insufficient. While complex passwords are a fundamental aspect of security, they must be complemented by additional measures like 2FA. According to research, implementing 2FA can prevent up to 99.9% of account compromise attacks.

    Secondly, dormant accounts are not inherently safe. Their inactivity can lead to complacency, making them attractive targets for attackers. Regular audits and monitoring of all accounts, regardless of usage frequency, are essential.

    Thirdly, attackers are persistent and patient. The “low and slow” approach to brute-force attacks demonstrates a strategic method to bypass traditional security measures. Staying vigilant and proactive in monitoring account activity is crucial.

    Strengthening Security Measures

    In light of this incident, I have adopted several practices to enhance my cybersecurity posture:

    I now regularly audit all my accounts, paying special attention to those that are dormant or infrequently used. I ensure that 2FA is enabled wherever possible and that all recovery options are secure and up-to-date.

    Additionally, I have started using a reputable password manager to generate and store complex, unique passwords for each account. This tool simplifies the process of maintaining strong passwords without the need to remember each one individually.

    Furthermore, I stay informed about the latest cybersecurity threats and best practices by subscribing to security newsletters and participating in professional forums. This continuous learning approach helps me adapt to the evolving threat landscape.

    Conclusion

    This incident served as a sobering reminder that no one is immune to cyber threats, regardless of their expertise or precautions. It highlighted the importance of a comprehensive security strategy that includes strong passwords, multi-factor authentication, regular account audits, and continuous education.

    I encourage everyone to take a proactive approach to cybersecurity. Regularly review your accounts, enable 2FA, use a password manager, and stay informed about emerging threats. Remember, security is not a one-time setup but an ongoing process.

    If you found this account insightful, consider subscribing to our newsletter for more cybersecurity tips and updates. Share your thoughts or experiences in the comments below—we can all learn from each other’s stories.

    D. Bryan King

    Disclaimer:

    The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.

    #2FA #accountHacking #accountMonitoring #accountTakeover #bruteForceAttack #cloudAccountProtection #cloudSecurity #compromisedAccount #compromisedCredentials #compromisedMicrosoftAccount #credentialStuffing #credentialTheft #cyberattack #cybercrime #cybersecurity #cybersecurityAwareness #cybersecurityLessons #developerAccountSecurity #dormantAccounts #emailSecurity #hackerPrevention #howHackersBypassMFA #identityProtection #infosec #ITProfessionals #ITSecurity #ITSecurityIncident #loginSecurity #lowAndSlowAttack #MFA #MFAImportance #Microsoft365Security #MicrosoftLogin #passwordAloneNotEnough #passwordBreach #passwordEntropy #passwordHygiene #passwordManagement #PasswordSecurity #passwordVulnerability #persistentThreats #phishingProtection #randomHashPassword #realWorldBreach #realWorldCybersecurity #securePasswords #securingDormantAccounts #securityAudit #securityBestPractices #securityBreach #SharePointDeveloperAccount #SharePointSecurity #strongPasswords #techSecurityBreach #tokenHijacking #TwoFactorAuthentication
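
The pattern post 4 describes, months of single failed sign-ins from many different IPs against one account, is exactly what a per-IP lockout rule cannot see: each source stays far below any hourly threshold. The detection has to be account-centric over a long look-back window. The script below is an added example by the editor, not code from the post or from Microsoft; the sign-in records are constructed, the line format is a simplified stand-in for a real sign-in log export, and the window size and thresholds are assumptions to tune for your own tenant.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample sign-in records (not from the post or any real tenant).
# Format per line: <ISO-8601 UTC timestamp> <account> <source IP> <success|failure>
SAMPLE_LOG = """
2025-01-03T02:14:09Z dev@example.onmicrosoft.com 203.0.113.10 failure
2025-01-09T23:41:52Z dev@example.onmicrosoft.com 198.51.100.7 failure
2025-01-17T04:05:31Z dev@example.onmicrosoft.com 203.0.113.88 failure
2025-01-26T11:20:00Z dev@example.onmicrosoft.com 192.0.2.45 failure
2025-02-02T03:33:17Z dev@example.onmicrosoft.com 198.51.100.19 failure
2025-02-14T22:08:44Z dev@example.onmicrosoft.com 203.0.113.201 failure
2025-02-27T01:57:03Z dev@example.onmicrosoft.com 192.0.2.130 failure
2025-03-05T05:12:26Z dev@example.onmicrosoft.com 198.51.100.250 failure
2025-03-11T04:02:40Z dev@example.onmicrosoft.com 203.0.113.77 success
2025-03-11T09:00:00Z alice@example.onmicrosoft.com 192.0.2.9 failure
2025-03-11T09:00:20Z alice@example.onmicrosoft.com 192.0.2.9 success
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(success|failure)$")


def parse_log(text):
    """Turn the text log into a time-ordered list of event dicts."""
    events = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unparseable line: {line!r}")
        ts, account, ip, result = m.groups()
        events.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
            "account": account,
            "ip": ip,
            "ok": result == "success",
        })
    return sorted(events, key=lambda e: e["ts"])


def max_hourly_failures_per_ip(events):
    """Largest number of failures any one IP produced within any 1-hour window.
    This is the only quantity a per-IP lockout rule ever sees."""
    by_ip = defaultdict(list)
    for e in events:
        if not e["ok"]:
            by_ip[e["ip"]].append(e["ts"])
    worst = 0
    for times in by_ip.values():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > timedelta(hours=1):
                start += 1
            worst = max(worst, end - start + 1)
    return worst


def low_and_slow_findings(events, window_days=90, min_failures=5,
                          min_ips=4, per_ip_hourly_lockout=5):
    """Account-centric view. Thresholds are assumptions for illustration.
    Flags accounts that, inside the look-back window, accumulated many failures
    from many distinct IPs while every IP stayed under the per-IP lockout line,
    and notes whether a success then came from an IP with no prior success."""
    by_account = defaultdict(list)
    for e in events:
        by_account[e["account"]].append(e)

    findings = {}
    for account, evs in by_account.items():
        newest = evs[-1]["ts"]
        window = [e for e in evs if newest - e["ts"] <= timedelta(days=window_days)]
        failures = [e for e in window if not e["ok"]]
        failing_ips = {e["ip"] for e in failures}
        if len(failures) < min_failures or len(failing_ips) < min_ips:
            continue

        success_after_campaign = False
        seen_success_ips = set()
        for e in window:
            if not e["ok"]:
                continue
            prior_failures = sum(1 for f in failures if f["ts"] < e["ts"])
            if e["ip"] not in seen_success_ips and prior_failures >= min_failures:
                success_after_campaign = True
            seen_success_ips.add(e["ip"])

        findings[account] = {
            "failures": len(failures),
            "distinct_failing_ips": len(failing_ips),
            "evades_per_ip_lockout": max_hourly_failures_per_ip(window) < per_ip_hourly_lockout,
            "success_after_campaign": success_after_campaign,
        }
    return findings


if __name__ == "__main__":
    for account, finding in low_and_slow_findings(parse_log(SAMPLE_LOG)).items():
        print(account, finding)
```

Run against the constructed log, the dev account is flagged (8 failures from 8 IPs over ~10 weeks, never more than one failure per IP per hour, then a success from a ninth IP), while alice's single typo followed by a success from the same IP is ignored. The `success_after_campaign` flag is the event worth paging on: in the post it was the moment the password had been guessed and only the second factor stood in the way.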

  5. Our latest post is out, check it out for the full details here 👉 opalsec.io/daily-news-update-s

    If you're short on time, here's a quick rundown of the key stories:

    🇦🇺 Australian Pension Funds Under Attack: A significant credential stuffing campaign hit multiple Aussie superannuation funds (Australian Super, REST, Hostplus, Insignia, ART) over the March 29-30 weekend. Attackers used stolen creds, likely targeting web portals and mobile apps, accessing accounts and unfortunately stealing funds in some cases (reports mention ~AU$500k from four Australian Super members alone). ASFA is coordinating the response. A stark reminder about password reuse and MFA effectiveness, especially during off-hours!

    🏛️ Shake-up at NSA/Cyber Command: Big news out of the US – Gen. Timothy Haugh has been fired from his dual-hat role leading the NSA and USCYBERCOM after just over a year. Deputy Director Wendy Noble is also reportedly out. Reasons are murky, but speculation points towards political motivations (linked to Laura Loomer's visit with President Trump). This raises questions about stability, the ongoing 'Cybercom 2.0' review, and the future of the dual-hat structure, especially with ongoing nation-state threats.

    ⏱️ Incident Response Speed vs. Backups: An interesting debate highlighted recently – while backups are vital for recovery, is rapid IR potentially even more critical? It’s a tough balancing act: contain fast (risking tipping off attackers/losing evidence) or investigate thoroughly while the breach continues? Emphasises the need for skilled responders and adequate tooling, not just relying on backups as a silver bullet.

    ⚠️ Critical RCE in Apache Parquet (CVE-2025-30065): Heads up, data folks! A CVSS 10.0 RCE vulnerability has been found in the widely used Apache Parquet columnar storage format (up to v1.15.0). Given its use in Hadoop, AWS, Azure, GCP, and by major tech companies, the potential impact is huge. Patch to version 1.15.1 ASAP!

    📱 Pentagon Probes Defense Secretary's Signal Use: The DoD's Inspector General is investigating Defense Secretary Pete Hegseth's use of Signal for official business. This follows a report where a journalist was accidentally added to a Signal chat discussing sensitive airstrike details (targets, timing). Raises concerns about classified info on unclassified apps, need-to-know, and record-keeping compliance.

    The full blog post dives deeper into each of these stories and much more. Don't forget to sign up to our newsletter so you can get this daily wrap-up straight to your inbox!

    📨 opalsec.io/daily-news-update-s

    What are your biggest takeaways from this week's news? Let's discuss below!

    #CyberSecurity #InfoSec #ThreatIntel #DataBreach #CredentialStuffing #Ransomware #Phishing #Vulnerability #ApacheParquet #NSA #CyberCommand #IncidentResponse #CloudSecurity #NationalSecurity #Espionage #Privacy

  6. Not sure who is playing around, but I don't use my Proton Mail account for things like this.

    #credentialstuffing

  7. #RockYou2024: probably the largest #password #leak to date - #attention to everyone who reuses their #passwords or uses the same password for the same service! #CredentialStuffing

    "Most likely the latest RockYou version contains information from more than 4,000 databases compiled over more than two decades. Many more data leaks are to be expected in the future."

    tarnkappe.info/artikel/cyberan

  8. #PetSmart warns of #credentialstuffing attacks trying to hack accounts
    In new email notifications sent to PetSmart customers, the company warns that customers are being targeted by credential stuffing attacks used to gain access to their accounts.
    PetSmart reset #passwords for any accounts logged in during the credential stuffing attacks to be safe as they could not determine if the logged in user was the account owner or the hackers.
    bleepingcomputer.com/news/secu #ITSec

  9. Blog: Simple Personal Security tips for 2023 - obviate.io/2023/10/19/simple-p

    In case you're living under a rock, there is a hack or breach in the news seemingly every other week. Not to scare you, but if you're in the world of information security, the reality is that there is a breach in the news ...

    #blog #writing #Security #1password #23andme #CredentialStuffing #InformationSecurity #PasswordManager #PersonalSecurity #security #SecurityBreach

  10. 👉 API attacks have risen 400% in the last six months (as per Security Boulevard)

    This has caused 59% of organizations to delay the release of new applications due to concerns about #APIsecurity.

    As industries look to integrate with third-party software more often to improve their business operations, the security of #OpenAPIs has become critical.

    In the upcoming webinar, join Vivekanand Gopalan (VP of Products) as he discusses:

    - API discovery & documentation: Find shadow, rogue, and zombie APIs and automatically create #Swagger (#OpenAPI 3.0) documents for all APIs

    - API Vulnerability Scanning: Identify #OWASPAPI Top 10 vulnerabilities

    - Positive Security Models: How to automate the creation of positive security models for #APIs

    - Protection from API Attacks: Utilize WAAP to protect APIs from vulnerability, DDoS, account takeover, credential stuffing, and other bot attacks

    To unfold all the above findings in detail, reserve your seat now. bit.ly/3OYLmZw

    #apiprotection #vulnerabilityscanning #waap #ddos #bots #credentialstuffing #cybersecurity #apptrana #indusface

  13. When you attempt to login on a website and it confirms that the email IS registered. I’ve heard that sites SHOULDN’T do that because it’s a security risk. How? How does knowing that X email is registered present a security risk? Is it due to the potential for credential stuffing / reuse attacks on that site or just user profile (I know Adam has an account at X)? #security #credentialreuse #credentialstuffing