The Office of the Attorney General of New York has recorded 1.1 million compromised accounts. The stolen logins were put to use in credential stuffing attacks against a variety of "well-known" online retail, food and delivery businesses.
F5 Credential Stuffing Report found that credential spills doubled between 2016 and 2020 while credential stuffing became the preferred attack method.
It's not surprising that a black market has developed for hacked Fortnite accounts; what is surprising is how much business it brings in. Big sellers are making $25,000 per week.
530,000 Zoom accounts selling on dark web appear to be compromised by credential stuffing, using username and password combinations obtained from past breaches of other companies.
Hackers recently launched a credential stuffing attack on the new Disney+ streaming service by using database of usernames and passwords from previous hacks.
State Farm, the insurance giant with more than 83 million customers, was hit by a credential stuffing attack with unknown number of customer accounts compromised.
