20 cities in Texas were hit by a coordinated ransomware attack
infosec

20 cities in Texas were hit by a coordinated ransomware attack

Twenty Texas local governments have been hit by a coordinated ransomware attack, the Information Resources Department announced Friday ...
Read More
infosec

Binance compensates the hacker who hacked it!

Binance, the cryptocurrency exchange company, intends to compensate the white hat hacker who breached his domain name and ...
Read More
infosec

The hacker who invaded Capital One has hacked other 30 companies

Further investigation into Paige A. Thompson, the hacker accused of causing data breach on Capital One, showed ...
Read More
infosec

Instantly update Windows 10 users. Critical vulnerabilities identified!

Microsoft warns Windows 10 users to update their operating system immediately because of two critical vulnerabilities. OR...
Read More
infosec

European Central Bank hacked!

The European Central Bank (ECB) closed one of its websites on Thursday after being hacked and infected by a hacker ...
Read More
Latest Posts

Credential stuffing: State Farm customer accounts have been violated

State FarmThe American Insurance Company State Farm fell victim to one "Credential stuffing" attack. This is a subcategory of brute-force attacks. The hackers use different violated credentials (from other companies' data breaches), import into sites and gain access to accounts users who use these credentials.

Thus, State Farm began sending email notifications to customers affected by the attack.

In that "data breach notification », State Farm said:

"State Farm recently discovered a safety issue where one malicious the hacker used a list of usernames and passwords, obtained from another source, such as dark web, and used them to access on-line State Farm accounts. During our investigation, we found out that the hacker had credentials for your State Farm account. "

The company claims that the hacker has acquired his username and passwords access Some clients, but there is no evidence that they are used for other malicious activities. State Farm claims that the hacker could not see other personal information.

After an investigation, the company discovered the accounts of the affected users and proceeded to reset of passwords.

According to a data breach notification filed with the California Attorney General's Office, the first attack, discovered, was on Saturday 6 July 2019. Immediately following the other attacks: Monday 8 July, Friday 12 July, Saturday 13 July, Sunday 14 July, Wednesday 17 July, Friday 19 July, Saturday 20 July and Monday 22

No more information at this time.

"Credential stuffing" attacks are becoming more and more common

"Credential stuffing" attacks are becoming more common as hackers take advantage of the numerous violations corporate data and gain access to user credentials.

It is known to many users use the same credentials in many different ways sites. Thus, when hackers acquire credentials (leaked from other sources) they can access multiple accounts.

One report showed that in the second half of 2018 they were 28 billions of "credential stuffing" attacks.

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *