An automated cyberattack where stolen username and password combinations from data breaches are systematically tested against other websites and services to gain unauthorized access to accounts where users reused the same credentials.
Credential stuffing exploits one of the most common security mistakes: password reuse. When a data breach exposes millions of email/password combinations, attackers use automated tools to test those credentials against hundreds of other websites, knowing that many people use the same password everywhere.
Billions of stolen credentials are available on the dark web from breaches at major companies. Automated tools can test thousands of login combinations per second, making credential stuffing attacks both cheap and effective.
Unlike brute force attacks that try random passwords, credential stuffing uses real credentials that actually worked on other sites. This makes it far more effective and harder to detect, as each login attempt uses a legitimate-looking username and password.
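The difference described above shows up in login telemetry as a difference in shape: a source replaying breached pairs touches many accounts about once each, while a brute-force source hammers a few accounts many times. The following is an added example, not part of the original page; the log format, sample lines, function names and thresholds are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample auth log (not real data): "<time> <source_ip> <username> <result>"
SAMPLE_LOG = """\
10:00:01 203.0.113.7 alice@example.com FAIL
10:00:01 203.0.113.7 bob@example.com FAIL
10:00:02 203.0.113.7 carol@example.com OK
10:00:02 203.0.113.7 dave@example.com FAIL
10:00:03 203.0.113.7 erin@example.com FAIL
10:00:03 203.0.113.7 frank@example.com FAIL
10:05:10 198.51.100.9 admin@example.com FAIL
10:05:11 198.51.100.9 admin@example.com FAIL
10:05:12 198.51.100.9 admin@example.com FAIL
10:05:13 198.51.100.9 admin@example.com FAIL
10:05:14 198.51.100.9 admin@example.com FAIL
10:07:30 192.0.2.10 grace@example.com FAIL
10:07:41 192.0.2.10 grace@example.com OK
"""

def group_by_source(log):
    """Return {source_ip: [(username, succeeded), ...]} from the log text."""
    events = defaultdict(list)
    for line in log.strip().splitlines():
        _time, ip, user, result = line.split()
        events[ip].append((user, result == "OK"))
    return events

def classify_sources(log, min_attempts=5, min_fail_ratio=0.5, min_user_spread=0.8):
    """Label each source by the shape of its attempts (thresholds are assumptions)."""
    verdicts = {}
    for ip, events in group_by_source(log).items():
        total = len(events)
        fail_ratio = sum(not ok for _, ok in events) / total
        user_spread = len({user for user, _ in events}) / total
        if total < min_attempts or fail_ratio < min_fail_ratio:
            verdicts[ip] = "normal"
        elif user_spread >= min_user_spread:
            verdicts[ip] = "credential-stuffing"  # many accounts, about one try each
        else:
            verdicts[ip] = "brute-force"  # few accounts, many tries each
    return verdicts

def accounts_to_reset(log):
    """Accounts that logged in successfully from a source labelled credential-stuffing."""
    verdicts = classify_sources(log)
    return sorted({user for ip, events in group_by_source(log).items()
                   if verdicts[ip] == "credential-stuffing" for user, ok in events if ok})
```

On the sample, `accounts_to_reset(SAMPLE_LOG)` returns the one account whose reused password matched, which is the account that needs a forced reset. Grouping by source address is the simplest key; the same ratios can be computed over other keys when attempts are spread across many addresses.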
In 2020, over 500,000 Zoom account credentials were found for sale on the dark web for less than a penny each. They were obtained through credential stuffing, not a Zoom breach — users had reused passwords from other compromised services.