The US-based insurance company State Farm has started to distribute email notifications to users whose online account login credentials were affected by a successful credential stuffing attack. A credential stuffing attack is when an attacker compiles a list of usernames and passwords that were involved in previous breaches and leverage them against other login pages. State Farm stated that an attacker was able to confirm usernames and passwords of impacted users, but that no personal information was viewed, and that no fraudulent activity was detected. It has yet to be confirmed if the attackers logged into the impacted accounts. Credential attacks have become very common as data breaches expose login credentials of victims. This style of attacks was found to have 28 million attempts in the second half of 2018. Credential stuffing attacks have forced some companies to begin monitoring data breaches and compare them to their user accounts. When a match is detected, some companies force a password reset for the user.
Analyst Notes
Knowing that many people recycle their passwords across multiple logins, attackers use the breached accounts to attempt to login to multiple popular sites in an attempt to obtain information, either for sale or for nefarious purposes. Users are recommended to never use the same password twice for logins. Passwords should be unique and complex with the use of special characters, case sensitive letters and numbers. There is a multitude of password managers that can assist a user in keeping track of the credentials.
