GDT Webinar Series – How to Fail at Security? Reserve Your Spot

Dunkin’ Donuts Data Breach

Dunkin Donuts

Just last week, sugary sweet giant Dunkin’ Donuts was hit with its second cyber-attack in three (3) months. Both attacks can be filed in a cyberattack category you may not have heard of—credential stuffing. It’s a type of brute force attack in which stolen credentials are used to access other online accounts.

We’ve all signed up for online membership programs, right? Doing so grants you access to coupons, perks and special deals for products and services. Nothing wrong with that. But Credential Stuffing Attacks target these membership programs, which allows hackers to access accounts and get names, email addresses and account numbers associated with the program.

Membership and loyalty programs have been around for years, and their quid pro quo nature benefits both parties involved. You get good deals and the vendor builds a rich database of customers to whom they can market. And because they rarely involve sensitive information, such as credit card numbers or social security numbers, they don’t often raise red flags for customers. They know what signing up results in—offers and information getting pushed to your inbox. And, of course, you can opt-out at any time. So, what’s the problem?

Here’s how credential stuffing works, and why you should care about it

Credential stuffing involving donut shops may sound benign, but attackers are looking to do more than disrupt vendor couponing. Last August, credential stuffing resulted in a $13.5 million bank heist in India.

Through automated tools and scripts available on the dark web, credential stuffers use stolen login information to target particular websites. The login information can stuff websites’ account logins until matches are uncovered. They’re then sold on the dark web advertising that they’ve been verified to work on a particular site.

If you don’t use one (1) of the many password managers on the market, you should. And if you don’t, you’ve probably found yourself using the same login and password for a wide range of sites. And, who knows, you may be using the same login information for online banking that you do for the sandwich shop around the corner. Is getting 2 for 1 patty melts worth more than a hacker gaining access to your financial data? Probably not.

Steps to protect your organization against credential stuffing

If you currently offer a membership or loyalty program, it’s advised that you take a regular look at authentication logs. If you see a large number of authentication attempts from the same IP address, you may be the victim of credential stuffing. Also, if you’re allowing access through Tor nodes, which allow users to remain anonymous, it can be difficult to determine the source. You may want to block access from Tor nodes altogether.

And, yes, it may annoy some customers, but requiring members to periodically reset passwords can help guard against credential stuffing attacks. But be careful with the wording of the communique, or customers may think they’re they a phishing target.

Let these folks take the complexity out of your security posture

To find out how to secure your organization’s network and protect its mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

Author

Share this article

You might also like:

As a global IT solutions provider, we understand that technology partnerships are absolutely crucial in our line of business. It’s fair to say that without great partners to work with, we couldn’t do what we do. It’s also fair to say that without the expertise the GDT team brings to

If you’re wondering if your organization’s ransomware defense strategy is as strong as it could be, you’re not alone. Ransomware has emerged as one of the top cybersecurity threats of 2024, impacting nearly three-quarters of organizations last year with an average cost of $4.45 million.i According to Verizon, about a

Mergers, acquisitions, and divestitures (M&A/D) offer opportunities for businesses to grow, streamline operations, and enter new markets. However, strategic planning and financial negotiations can overshadow a crucial element: information security.   This blog post dives into the critical security considerations for M&A/D activities, exploring the importance of information security, potential risks,