credential stuffing

Verizon-owned cell network Visible confirms hackers accessed user accounts

Visible, a budget cellular carrier owned by Verizon, has confirmed that hackers accessed and charged user accounts. The incident, first reported by The Verge, came to light earlier this week after Vi

Enterprise security attackers are one password away from your worst day

IT organizations must shift their enterprise security strategy to detect credential-based attacks before they become a problem.

Spotify resets passwords after a security bug exposed users’ private account information

Spotify said it has reset an undisclosed number of user passwords after blaming a software vulnerability in its systems for exposing private account information to its business partners. In a data bre

Instacart blames reused passwords for account hacks, but customers are still without basic two-factor security

Online shopping service Instacart says reused passwords are to blame for a recent spate of account breaches, which saw personal data belonging to hundreds of thousands of Instacart customers stolen an

After a spate of device hacks, Google beefs up Nest security protections

Google has added its line of Nest smart home devices to its Advanced Protection Program, a security offering that adds stronger account protections for high-risk users like politicians and journalists

J.Crew says a hacker accessed some customer accounts

Clothing giant J.Crew said an unknown number of customers had their online accounts accessed “by an unauthorized party” almost a year ago, but is only now disclosing the incident. The comp

Ring’s new security ‘control center’ isn’t nearly enough

On the same day that a Mississippi family is suing Amazon-owned smart camera maker Ring for not doing enough to prevent hackers from spying on their kids, the company has rolled out its previously ann

Over 1,500 Ring passwords have been found on the dark web

A security researcher has found on the dark web 1,562 unique email addresses and passwords associated with Ring doorbell passwords. The list of passwords was uploaded on Tuesday to an anonymous dark w

DoorDash confirms data breach affected 4.9 million customers, workers and merchants

DoorDash has confirmed a data breach. The food delivery company said in a blog post Thursday that 4.9 million customers, delivery workers and merchants had their information stolen by hackers. The bre

Slack resets user passwords after 2015 data breach

Slack will reset the passwords of users it believes are affected by a historical data breach that affected the company more than four years ago. In 2015, the company said it was hit by hackers who gai

Password manager Dashlane raises $110M in Series D, adds CMO

Password manager maker Dashlane has raised $110 million in its latest round of funding, the company said Thursday. The company said Sequoia Capital led the Series D round, with partner Jim Goetz joini

Spotify resets some account passwords citing ‘suspicious activity’

Music streaming giant Spotify has notified an unspecified number of users that the company has reset their account password, but has left dozens of users asking why. In an email, some Spotify users we

Shape Security’s latest product protects smaller businesses from credential stuffing

Shape Security has been helping big companies stay safe from fraudulent activities like password reuse and bot traffic on their publicly facing websites and apps. The company now wants to help smaller

After account hacks, Twitch streamers take security into their own hands

Twitch has an account hacking problem. After the breach of popular browser game Town of Salem in January, some 7.8 million stolen passwords quickly became the weakest link not only for the game but ga

Chipotle customers are saying their accounts have been hacked

A stream of Chipotle customers have said their accounts have been hacked and are reporting fraudulent orders charged to their credit cards — sometimes totaling hundreds of dollars. Customers have po

Cybersecurity 101: Two-factor authentication can save you from hackers

If you find passwords annoying, you might not like two-factor authentication much. But security experts say it’s one of the best ways to protect your online accounts. Simply put, two-factor auth

Anti-fraud startup Shape Security raises $26M in Series E round to drive global expansion

Shape Security, a fraud-fighting cybersecurity company, has closed a $26 million round of Series E funding. This will be the fifth round of funding — more than $130 million — since the Mountain Vi

DoorDash customers say their accounts have been hacked

Food delivery startup DoorDash has received dozens of complaints from customers who say their accounts have been hacked. Dozens of people have tweeted at @DoorDash with complaints that their accounts

AdGuard resets all user passwords after account hacks

Popular ad-blocker AdGuard has forcibly reset all of its users’ passwords after it detected hackers trying to break into accounts. The company said it “detected continuous attempts to logi

Shape Security introduces tool to blunt impact of stolen password caches

Shape Security is a company you may never heard of, yet it’s been around for five years and its founders include former Googlers and DoD officials. Their products provide the primary line of def