An ongoing credential-stuffing attack targeting pet owner accounts at PetSmart has forced the company to take immediate action, revoking the passwords of an undisclosed number of customers.
The pet superstore giant has sent email notifications advising customers to reset passwords to prevent criminals from compromising their accounts and accessing personal data. The company emphasized that neither petsmart.com nor any other managed system was compromised.
“Our security tools saw an increase in password guessing attacks on perstmart.com, and during this time your account was logged into,” the email reads.
“While the log in may have been valid, we wanted you to know. In an abundance of caution to protect you and your account, we have inactivated your password on petsmart.com. The next time you visit petsmart.com, simply click the ‘forgot password’ link to reset your password.”
Data breaches and password recycling fuel credential-stuffing attacks that enable cybercriminals to take over accounts, steal data, and conduct fraud.
To defend against these risks, it’s crucial for internet users to adopt healthy digital habits, including:
Enhance your online privacy and protect YOUR IMPORTANT with our trustworthy password manager to automatically create and maintain the best password practices, and help monitor all the login credentials for all your services.
Create strong and unique passwords and manage your entire digital life by pairing our feature-rich password manager with a dedicated digital identity protection service. Stay on top of data breaches with real-time 24/7 data breach monitoring and the industry’s first Identity Protection Score that helps you fully understand how old or new data breaches can impact your security and overall wellbeing.
tags
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.
View all postsDecember 19, 2024
November 14, 2024