NY AG Says 1.1M Compromised By 'Credential Stuffing' Hacks

By Al Barbarino (January 5, 2022, 7:42 PM EST) -- An investigation conducted by the office of New York Attorney General Letitia James revealed that 1.1 million online customer accounts were compromised in "credential stuffing" cyberattacks on 17 well-known companies, according to a report released Wednesday that includes tips on how companies can avoid future attacks. 

The report details so-called stuffing attacks that involved large-scale automated attempts to access online accounts using usernames and passwords stolen from other, unrelated online services.

Through credential stuffing — which the office referred to as one of the most common and even "unavoidable" hacks for most businesses — offenders use automated software to reuse stolen...

Stay ahead of the curve

In the legal profession, information is the key to success. You have to know what’s happening with clients, competitors, practice areas, and industries. Law360 provides the intelligence you need to remain an expert and beat the competition.


  • Access to case data within articles (numbers, filings, courts, nature of suit, and more.)
  • Access to attached documents such as briefs, petitions, complaints, decisions, motions, etc.
  • Create custom alerts for specific article and case topics and so much more!

TRY LAW360 FREE FOR SEVEN DAYS

Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!