Unknown individual(s) used credential stuffing to gain access to the Organization?s courier accounts accessible through its ?Courier Portal?. “Credential Stuffing” is the process by which an attacker steals or purchases username and password combinations (possibly on the dark web) and enters those credentials on websites to see if they can gain access. The incident occurred on July 11, 2019 and was discovered the same day when the Organization?s security operations team detected an unusually high number of failed logins on the Courier Portal.

File Type: pdf
File Size: 600 KB
Categories: 2020