The US-based insurance company State Farm has started sending email notifications to users whose online account login credentials were affected by a successful credential stuffing attack. In a credential stuffing attack, an attacker compiles a list of usernames and passwords that were exposed in previous breaches and tries them against other login pages. State Farm stated that an attacker was able to confirm usernames and passwords of impacted users, but that no personal information was viewed and no fraudulent activity was detected. It has yet to be confirmed whether the attackers logged into the impacted accounts. Credential attacks have become very common as data breaches expose victims' login credentials. This style of attack was found to have had 28 million attempts in the second half of 2018. Credential stuffing attacks have forced some companies to begin monitoring data breaches and comparing the exposed credentials to their own user accounts. When a match is detected, some companies force a password reset for the user.
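The breach-matching check described in the last two sentences above, as an added example (not State Farm's or any named company's code): each leaked username/password pair is re-hashed with the account's own salt and compared to the stored hash, and a match flags the account for a forced reset. The store layout, the PBKDF2 parameters, the function names and all sample accounts are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 10_000  # assumption: kept low so the example runs quickly


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256, standing in for the site's real password hash."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


def make_user_store(accounts):
    """Build a constructed user store: username -> salt, hash, reset flag."""
    store = {}
    for username, password in accounts:
        salt = os.urandom(16)
        store[username.lower()] = {
            "salt": salt,
            "hash": hash_password(password, salt),
            "reset_required": False,
        }
    return store


def flag_exposed_accounts(store, breach_pairs):
    """Mark accounts whose current password appears in the breach list.

    Returns the sorted usernames that now require a password reset.
    """
    exposed = set()
    for username, leaked_password in breach_pairs:
        key = username.strip().lower()
        record = store.get(key)
        if record is None:
            continue  # leaked address has no account here
        candidate = hash_password(leaked_password, record["salt"])
        if hmac.compare_digest(candidate, record["hash"]):
            record["reset_required"] = True
            exposed.add(key)
    return sorted(exposed)


# Constructed sample data: three local accounts and four leaked pairs.
USERS = [("alice@example.com", "Summer2018!"),
         ("bob@example.com", "x9#Lq2v-unique"),
         ("carol@example.com", "hunter2")]
BREACH = [("Alice@example.com", "Summer2018!"), ("bob@example.com", "oldpassword1"),
          ("carol@example.com", "hunter2"), ("dave@example.com", "letmein")]

if __name__ == "__main__":
    store = make_user_store(USERS)
    for name in flag_exposed_accounts(store, BREACH):
        print("force password reset:", name)
```

Only accounts whose current password matches a leaked pair are flagged, so a user who already changed a reused password is not forced through a reset.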