ESET Glossary – Table of Contents

Credential stuffing

Credential stuffing is a cyber attack that uses data from leaked credentials databases. Attackers use bots and other automation methods to log into accounts using the leaked data on numerous websites. They take advantage of users who recycle their login credentials through multiple websites and services. When the attack is successful, attackers can gain full access to the account and its users' data. Attackers can exploit this access to steal personal data for identity theft, fraudulent transactions, spam distribution, or other malicious actions.