Dismiss this notice
Avast Premium Security Christmas 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=9410

Dismiss this notice
ExpressVPN Christmas 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=9405

Dismiss this notice
Master PDF Editor Christmas 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=9407

Dismiss this notice
O&O Software Christmas Blowout 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=9409

Dismiss this notice
Bandicam Christmas 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=9404

Dismiss this notice
HitmanPro.Alert Christmas 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=9406

Dismiss this notice
GFYI [Official] Ashampoo® Christmas Blowout 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=9408

Dismiss this notice
Emsisoft Anti-Malware Home Christmas 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=9412

Dismiss this notice
Macrium Reflect Home Christmas 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=9415

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Dunkin Donuts Victim of Second Cyber Attack in Three Months
Quote:Coffee shop chain Dunkin’ Donuts has announced that it has become the victim of a second cyber attack within three months. It was announced yesterday by the chain that a second credential stuffing attack occurred on January 10.

Second Attack
As mentioned in a previous article HERE, Dunkin’ Donuts suffered a similar attack on October 31 2018. This attack was disclosed to the public in November and was found to have stolen usernames and passwords of customers.

Just like the first attack, hackers were able to gain entry to the DD Perks rewards accounts with credentials leaked from other sites. The data typically stored on these accounts includes names, email addresses, and 16 digit DD Perks account number.

It seems the hackers weren’t after the account data, but the accounts themselves. These accounts are thought to be sold on Dark Web forums.

Growing Trend
According to several ISP security engineers, this practice of selling accounts is becoming a growing trend. They said that hacking groups are renting IoT botnets and running scripts to carry out credential stuffing attacks against a number of online services.

One script that is used in credential stuffing attacks is called SNIPR and is thought to be one of the ones being sold online for Dunkin’ Donuts attacks.

Once the hackers have broken into these accounts, they sell them to other people who then use the reward points for free food/drink and unearned discounts.

Forum Jump:

Users browsing this thread: 1 Guest(s)
You have to register before you can post on our site.



Recent Posts
Announcement for WINNERS
Rules revision as o...jasonX — 04:07
GFYI [Official] ExpressVPN Christmas 20...
Please be patient he...jasonX — 01:43
GFYI [Official] Emsisoft Anti-Malware H...
Please be patient he...jasonX — 01:43
Microsoft Edge Could Get Color Themes Im...
The Chromium-based...silversurfer — 18:29
Chromium Microsoft Edge Browser Now Ava...
Introducing the new ...Herran — 14:17

Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (44)theoldevext
avatar (39)algratCep
avatar (45)Josepharelf
avatar (34)kholukrefar
avatar (43)Lauraimike
avatar (45)WilsonWag
avatar (43)StevenPiole
avatar (34)zetssToomy
avatar (41)GornOr
avatar (44)Jamesmog
avatar (32)opeqyrav
avatar (35)uxegihor

Online Staff
There are no staff members currently online.