Credential Stuffing
Automated injection of stolen username/password pairs to gain unauthorized access to accounts.
Full Definition
Credential stuffing is a cyberattack in which stolen credentials, typically obtained from data breaches or combo lists, are automatically tested against multiple online services using bots. The attack exploits the widespread habit of password reuse: if a user uses the same password across multiple services, one breach exposes all of them.

Unlike brute force attacks, credential stuffing uses real, previously valid credentials, making it far more efficient. Attackers use tools like Sentry MBA, OpenBullet, or custom scripts to test millions of credential pairs per hour across thousands of distributed IP addresses to avoid detection.

The success rate varies (typically 0.1%–2%), but even a small percentage of millions of credentials translates to thousands of compromised accounts. Defenses include MFA enforcement, bot detection, and continuous monitoring for credential exposure via threat intelligence feeds.
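The traits described above (many distinct usernames, about one try each, a very low success rate, traffic spread thinly across IPs) can be checked over a window of login events. The following is an added detection sketch, not code from the original page; the Login record, the thresholds, and the sample windows are assumptions constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Login:
    ip: str
    username: str
    success: bool

# Assumed thresholds for this sketch; tune against your own baseline traffic.
MIN_ATTEMPTS = 200          # ignore windows too small to judge
MAX_SUCCESS_RATE = 0.05     # stuffing rarely succeeds (the page cites 0.1%-2%)
MAX_TRIES_PER_USER = 2.0    # each stolen pair is tried about once
MIN_TRIES_ONE_USER_BF = 20  # brute force hammers one account many times

def classify_window(events):
    """Classify one time window of login events for a single service."""
    total = len(events)
    if total < MIN_ATTEMPTS:
        return "insufficient_data"
    per_user = Counter(e.username for e in events)
    success_rate = sum(e.success for e in events) / total
    if success_rate > MAX_SUCCESS_RATE:
        return "normal"
    if total / len(per_user) <= MAX_TRIES_PER_USER:
        return "credential_stuffing"   # wide and shallow across accounts
    if max(per_user.values()) >= MIN_TRIES_ONE_USER_BF:
        return "brute_force"           # narrow and deep on few accounts
    return "suspicious"

def max_share_per_ip(events):
    """Largest fraction of the window's attempts coming from a single IP."""
    per_ip = Counter(e.ip for e in events)
    return max(per_ip.values()) / len(events)

# Constructed sample windows (not real logs), using documentation IP ranges.
def stuffing_window():
    # 1000 distinct usernames, one try each, spread over 250 IPs, 1% success.
    return [Login(f"198.51.100.{i % 250}", f"user{i}", i % 100 == 0)
            for i in range(1000)]

def brute_force_window():
    return [Login("203.0.113.7", "admin", False) for _ in range(500)]

def normal_window():
    # 300 users, roughly 93% of logins succeed.
    return [Login(f"192.0.2.{i % 200}", f"user{i}", i % 15 != 0)
            for i in range(300)]
```

In the stuffing window no single IP contributes more than 0.4% of attempts, which is why the check aggregates across the whole service instead of relying on per-IP rate limits.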
Related Terms
Combo List
A compiled file of username/email and password pairs aggregated from multiple data breaches.
Data & Leaks
Account Takeover (ATO)
Unauthorized access to a user account by exploiting stolen credentials.
Attack Types
Brute Force Attack
An attack method that systematically tries all possible password combinations until the correct one is found.
Attack Types
Data Breach
A security incident in which protected or confidential data is accessed, stolen, or disclosed without authorization.
Data & Leaks