Security News > 2024 > March > PetSmart warns of credential stuffing attacks trying to hack accounts
Pet retail giant PetSmart is warning some customers their passwords were reset due to an ongoing credential stuffing attack attempting to breach accounts.
In new email notifications sent to PetSmart customers first seen by DarkWebInformer, the company warns that customers are being targeted by credential stuffing attacks used to gain access to their accounts.
PetSmart reset passwords for any accounts logged in during the credential stuffing attacks to be safe as they could not determine if the logged in user was the account owner or the hackers.
Once a threat successfully breaches an account, they are used for malicious behavior, including making fraudulent purchases, sending spam, or launching other attacks.
In May 2023, an 18-year-old was charged with hacking 60,000 DraftKings betting accounts and selling them on a stolen account marketplace called the Goat Shop.
While DraftKings initially stated only $300,000 was stolen via the attacks, the Department of Justice later revealed that $600,000 was stolen from 1,600 compromised accounts.