Credential Stuffing Attack sets Thousands of Australian’s into huge financial loss.

In a shocking report, information reaching us earlier today, disclosed that thousands of Australian’s have fallen victim to a nation wide Credential stuffing attack. Over 15,000 Aussie citizens who have accounts with online services such as Guzman y Gomez, Dan Murphy’s and Event Cinemas are said to have been impacted by this incident.

Cybercriminals are said to have gotten data and credit card information belonging to citizens of the wildlife continent, and utilising these credentials in a massive shopping spree. A clear information indicated that these were conducted by Local scammers in the country, and they made it known via a forum, on how they were able to use these stolen credentials in making massive purchases.

The local scammers, were said to have obtained these credentials which comprises of online login accounts from a more sophisticated group cybercriminals based overseas. These credentials were then used to purchase iPhone’s, clothing’s, and expensive alcoholic drinks.

Credential-Stuffing-Attack.png
            Thousands Australian’s compromised in a credential stuffing attack. Image-source: Fixitgearware

Fixitgearware Security Analysis of the Historical Attacks and Cyber Crimes Targeting Australians:

Australian’s in recent time have been experiencing a surge in cybercrime, as threat actors are noticeable targeting high profile entity and organizations in the country.

Dymocks a retail online book store in Australia, experienced a cyber-incident in September 2023, resulting to over 800-thousand of sensitive data stolen, further more these same hackers were found to have hacked Pizza Hut based in Australia, in the same month of  September.

In October last year, a deep fake AI video was discovered to have been circulating impersonating high profile employees of the common wealth bank of Australia, seemingly not enough and closing the year 2023, Dp World sea port was targeted in a massive breach, and Citrix NetScaler products were discovered to be massively exploited in the wild. All these massive incident occurred in Australia.

Subsequently gracing the new year 2024, Just two days ago, a massive breach which was recorded as an all time high of cyber-incident in Australia, compromising over 62 government organizations including Australia’s minister’s  office, Home affairs, Foreign Trade Affairs, and more was reported. While this series of attack, may have been one of a high impact, it is no doubt, that this is certainly one well orchestrated.

These certainly will set Australian’s into much panic, and faced with a lot of doubt on trusting their sensitive data to the government, and other financial institutions. It therefore calls for immediate action by the Cybersecurity Institution of Australia, as the series of cyber incidents would either signal that the country doesn’t take its cybersecurity serious, or they have a weak system that is easily penetrable; hinting more hackers to target the luxurious country in their sinister plans. 

Conclusion:

A surge in credentials and credit card information theft, noticeably should raise a concern to not just the consumers, and citizens of the country, but also financial institutions. Credit card fraud certainly have a negative impact to the victims, forcing them to part with their hard earned and life savings forcefully. This also notably can also damage businesses, their reputation, and have a negative consequences on the victims credit score.

It is imperative that customers, outlets, and stores who are into accepting digital payments, and handling credit card information’s, should be more vigilant, and certainly be sensitive when sharing their personal information online.

In addition, consistent monitoring of account information’s, and statement should be adopted by the citizens, and the financial institutions of Australia, should ensure that the PCI-DSS policies are adhered to, and implemented. Also, a more enhanced security procedures should be practised.

These security measures should include two-factor authentication mechanism, fraud and software detection tool, and cybersecurity awareness, in other to combat and prevent subsequent attempts by these fraudsters.

 Remember to always stay safe, and be vigilant 🛡️!

 

 

 

Put your comments below in the comment section on your thoughts about this.

Find this article and information helpful? Show some love and support  “Click-Here”
5 1 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments