How to Protect Against Credential Stuffing Attacks
It’s impossible to miss the reports of massive, high-profile data breaches. Adobe, Ancestry, Bitly, Comcast, Dropbox, Equifax, Google+, Marriott Starwood, T-Mobile, Ticketfly, LinkedIn, Yahoo and many other companies have leaked massive amounts of personal information, such as user names and passwords. But you may not be aware of what happens to this data after it’s been stolen.
Cybercriminals often purchase stolen data on the Dark Web. For example, on February 17, 2019, a hacker going by the name Gnosticplayers put eight hacked databases containing data for 92.75 million users on sale for 2.6249 bitcoins (about $9,300) on the Dark Web Marketplace known as Dream Market. Previously, the same hacker had posted a batch of 16 databases containing data for 620 million users and another batch of eight databases with data from 127 million users.