Air New Zealand suffered a security breach, threat actors attempted to access customers’ accounts by carrying out credential-stuffing attacks.
What is credential stuffing?
“Credential stuffing is a type of attack in which hackers use automation and lists of compromised usernames and passwords to defeat authentication and authorization mechanisms, with the end goal of account takeover (ATO) and/or data exfiltration.” In other words, attackers glean lists of breached usernames and passwords and run them against desired logins until they find some that work. Then, they enter those accounts for the purpose of abusing permissions, siphoning out data, or both.
Air New Zealand chief digital officer Nikhil Ravishankar pointed out that threat actors did not hack any company’s systems, but only individual accounts were impacted.
“The breach only occurred with a small number of Air NZ customers, and no fraudulent transactions or sensitive information was accessed by the scammers, he [Ravishankar] said.” reported the website Stuff.co.nz.
“The accounts were locked and customers were contacted to be advised to change their login details before using the Airpoints system again, he said.”
The company is urging customers to change their passwords before using the Airpoints system again and also change their passwords on all accounts that used the same “Air NZ” password.
“This is a common problem where people use the same email address and password for more than one online login and do not update their passwords regularly or utilise features such as multi-factor authentication,” Ravishankar added.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Air New Zealand)
[adrotate banner=”5″]
[adrotate banner=”13″]
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement…
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals…
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
This website uses cookies.