Red Securium

Search This Blog

Dunkin Donuts Resets Passwords After Enduring Credential Stuffing Attack

January 08, 2019

For all donut lovers out there, it’s time to reset your account passwords if you have been a customer of Dunkin Donuts. Allegedly, after facing a cyber attack, Dunkin Donuts reset passwords of its users’ accounts out of an abundance of caution. Fortunately, the company did not suffer any data security breach. However, the credential stuffing attack clearly shows that the hackers already possess users’ accounts login details.

Dunkin Donuts Reset Passwords After Credential Stuffing

As disclosed recently by the Dunkin Brands Inc, the firm has endured a cyber attack affecting its customers’ accounts. The company came to know of an alleged credential stuffing attack from one of its security vendors. After knowing the incident, Dunkin Donuts reset passwords of DD Perks accounts as a security measure.

According to their vendor, the breach may have occurred via third party sites where the DD Perks customers might have used the same login credentials. The attack was noticed after a third-party attempted to log in to certain accounts. As explained in their security notice,

“On October 31, 2018, we learned from one of our security vendors that a third-party may have attempted to log in to your DD Perks account. We believe that these third-parties obtained usernames and passwords from security breaches of other companies. These individuals then used the usernames and passwords to try to break into various online accounts across the Internet.”

Regarding the breached information, Dunkin states that it depends on the extent of information contained in affected DD Perks accounts. Nonetheless, the attackers may have accessed the customers’ names, usernames, email addresses, DD Perks 16-digit account numbers, and QR codes.

Security Steps Taken To Protect Accounts

Dunkin confirms that the attack remained confined to users’ credentials only. The company’s internal security systems remained safe, ensuring no data breaches. Nonetheless, to prevent such happenings in the future, the firm has forced password resets for DD Perks accounts. Besides, they have also taken the necessary steps for assuring accounts’ security.

“We also have taken steps to replace any DD Perks stored value cards with a new account number, but retaining the same value that was previously present on those cards. We also reported the incident to law enforcement and are cooperating with law enforcement to help identify and apprehend those third-parties responsible for this incident.”

In addition, the company also urges its customers to create “unique passwords for their DD Perks accounts” that they do not use elsewhere.

Get link
Facebook
X
Pinterest
Email
Other Apps

Labels

Labels: credential stuffing credential stuffing data Credentials Credentials Reuse Cyber attack DD Perks Dunkin Donuts dunkin Donuts accounts hacked

Get link
Facebook
X
Pinterest
Email
Other Apps

Comments

Post a Comment

Information Security Analyst Interview Questions

April 18, 2019

Top 12 Information Security Analyst Interview Questions & Answers 1) Explain what is the role of information security analyst? From small to large companies role of information security analyst includes Implementing security measures to protect computer systems, data and networks Keep himself up-to-date with on the latest intelligence which includes hackers techniques as well Preventing data loss and service interruptions Testing of data processing system and performing risk assessments Installing various security software like firewalls, data encryption and other security measures Recommending security enhancements and purchases Planning, testing and implementing network disaster plans Staff training on information and network security procedures 2) Mention what is data leakage? What are the factors that can cause data leakage? The separation or departing of IP from its intended place of storage is known as data leakage. The factors that are respons...

Get link
Facebook
X
Pinterest
Email
Other Apps

Post a Comment

Community Health Systems agrees to pay nearly $3.1 million as a part of settlement for 2014 data breach

February 07, 2019

The settlement covers a total of 4.5 million patients impacted in the breach. The cyber attack took place in April and June of 2014 and was orchestrated by a Chinese criminal group. Tennessee-based Community Health Systems has reached a settlement over a 2014 data breach that 4.5 million patients. A proposed amount of $3.1 million has been reached as a part of the settlement in a class action lawsuit filed against the healthcare. What happened? According to court records, the cyber attack took place in April and June of 2014 and was orchestrated by a Chinese criminal group, that solely focused on obtaining intellectual data. The hackers used an advanced malware and exfiltrated a variety of information such as patient names, Social Security numbers, addresses, dates of birth, and phone numbers. However, no credit card details and medical details were affected in the breach. Following the breach, the healthcare firm had notified the patients about the breach. However, the...

Get link
Facebook
X
Pinterest
Email
Other Apps

Post a Comment

About Me

RedSecurium

Visit profile

Labels

-Abdul-Aziz Hariri and Sebastian Apelt
-chain attack.
: Settlement Deal
: Un-patched RDP Clients
'Downthem' and 'Ampnode.' 200
"
"Booter" or "Stresser
"MsiAdvertiseProduct"
"systemd-journald"
(@_0rbit)

(AfD)
(BSI)
(Die Linke)
(MSPs)
(RCE)
(SSNs)
@HackerGiraffe
@j3ws3r
000 DDoS attacks
10 million euro payment in Bitcoin
49 CVE-listed security vulnerabilities
9to5Mac
a nodejs project
a red hat gertrude stein analysis
a web application framework for python
Access and Assistance Bill
Access and Assistance Bill 2018
account security
ACLU slams FBI
Adobe has issue
Adult dating site
advanced persistent threat (apt) actors
advantages of rooting android
AEG
affecting 14 million users
Agari
android
Android 9 Pie
android api
android device
Android devices vulnerable
Android exposes internal data
Android monitoring
android permissions
android permissions access internet
android permissions demystified
android permissions manager
Android security update
android smartphone
Angela Merkel
anonymity on web
anonymity web browser
anti cyber attack missile
Apelt and identified as CVE-2018-16011
API bug
API vulnerability
APK
app security in uk
Apple iOS
Apple iOS devices
APT10
arbitrary code execution
arbitrary commands
Ashley Madison
Australia has The Encryption Bill
Australia passes Access and Assistance Bill 2018
Australia passes The Encryption Bill
Australian Companies
authentication bypass
auto file deletion
AZORult Information-stealing Malware
AZORult stealer
Backdoor Access
baiting attack example
baiting cyber attack
BEC scam
best digital marketing company
best H.A.S.T.E hacking challenges
best security app for android
best vulnhub hacking challenges
Binary Files
Bitcoin Gold
bitcoin lottery tickets
bitpay
BITSAdmin
BKA
BlankMediaGames (BMG)
Bluetooth
Bluetooth LE Devices
Bluetooth Low Energy (Chip)
Bob Diachenko
Botnet Services
Brandenburg and Berlin
bug
bug bounty
Business Email Compromise Scams
C2 server attack
Cambridge Analytica Case
Cayosin
CDU
Cease-and-desist Order
ceh in uk
ChakraCore scripting engine
challenge
Chancellor Merkel
Check Point Researchers
CHFI certified courses in Noida
CHFI v10 certified courses in Noida
CHFI v10 training in Noida
Chinese Hacker Behind WeChat
Chinese Job Seekers
Chrome Extension
Chromecast
Class Action Complaint
Cloudflare
code execution
Community Health Systems
Compromised Account
Computer Forensics Investigation
Confidential Patient Records
control bypass
cookie theft
Credential Phishing Campaign
credential stealer
credential stuffing
credential stuffing data
Credentials
Credentials Reuse
Critical Security Vulnerability
Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers
critical zero-day vulnerability
cryptocurrency
Cryptojacking Attacks
CSO Interview Questions
CSU
CSV files
CSV Format
Custom Code
Custom Tool
customer data leaked
customers
CVE-2018-1038
CVE-2018-16864
CVE-2018-16865
CVE-2018-16866
CVE-2019-0579
CVNX
Cyber attack
cyber crime
cyber law
cyber laws
Cyber security in 2019
cyber security in uk
cyber security operations analyst
cyber security operations center
cyber security operations model
cyber threat intelligence analyst
cyberattack
cyberattack threat
Cybercriminal Activities
cybercriminals or cyber criminals
cybercriminals quizlet
cybercriminals—Matthew Gatrel
cybersecurity
Cybersecurity Bundle
cybersecurity law
Cybersecurity researcher
dark net
dark overlord 9/11
dark overlord 911
dark overlord bitcoin
dark overlord hackers
dark overlord hacking group
dark web
dark web and deep web
dark web anonymity
dark web arrests
dark web browser
dark web stories
darknet markets
data breach
data exposed
Data Leak
Data Leak Class Action
data leaked
data manipulation algorithms
data manipulation cyber attack
data of hundreds of politicians
data protection policies
data security
DD Perks
ddos attacks 2019
ddos attacks examples
ddos attacks today
DDos-as-a-Service
DDoS-for-hire
DDoS-For-Hire Websites
debian
deception technology
decryption tool
decryption tool for gandcrab v5.0.4
decryption tool for ransomware victims
decryption tool without key
decryption tools for ransomware
DeHashed
dell
Dell data breach
Dell reset passwords
Dell security breach
Denial of Service Vulnerability
development company in Noida
Dietmar Woidke
digital branding in noida
Digital marketing agency Noida
digital marketing company
digital marketing in noida up
digital marketing service in noida
Discovered by security researcher Clement Lecigne of Google's
distributed deception technology
dns query
DNS-over-TLS
domain name system
Dunkin Donuts
dunkin Donuts accounts hacked
EaseUS Data Recovery
EaseUS Data Recovery tool
EaseUS free
Eccles Fisher phish
email message and infection
Email Phishing Campaigns
employee
Employee Details
employee tracking
encrypted payload
Ethereum
Ethereum blockchain
Ethereum Classic
Ethereum Classic (ETC) Hit by Double-Spend Attack Worth $1.1 Million
Ethical Hacking CEH v10 course in Noida
Ethical Hacking CEH v10 Training in Noida
Ethical Hacking certified courses in Noida
Ethical Hacking CHFI Training in Noida
Ethical Hacking Courses in Noida
Ethical Hacking Training in Noida
European Law Enforcement Agencies
Europol
Executable Statement
executes the
exploiting vulnerable printers
Exposed Data
Faacebook Data Privacy case in the UK
facebook
Facebook Account
Facebook and FBI
facebook bug
Facebook Cambridge Analytica Case
Facebook data
Facebook data breach
facebook data breach 2018
facebook data breach am i affected
facebook data breach announcement
facebook data breach apology
facebook data breach check
facebook data breach history
facebook data leak
Facebook data stolen
Facebook exploit view as
Facebook FBI secret court proceeding
Facebook fined in UK
facebook for business
facebook hack
Facebook hack 2018
facebook hack account recover
facebook hack attempt
Facebook tracking
Facebook users
FaceTime
failure of the social media giant
Fake Applications
Fake Netflix Email
Fake Registrations
Fake Tax Returns
Fake Update Scam
Fake Websites
Fartknocker pen test challenges
FBI seeks access to Facebook user info
FDP
Federal Bureau of Investigation (FBI)
file deletion bug
Find articles related to : Credential Verification Service
Finding Parcel Bomber With MAC Address
fishing attack
flaw
Forensic Investigator course in Noida
Forensic Investigator training in Noida
Fraudulent Tax Returns
Fraudulent Trading
free download kingoroot apk
free download nodejs
free hacking challenges
free monitoring software
FreeRDP
full review
Gandcrab attack
German Police
Germany's Biggest Data Leak
Get $2 Million for Remotely Jailbreaking An iPhone
Get 10 Popular Books for Advanced Hacking
GHIDRA
Github
GitHub Account
GitHub Repository
glitch
Gmail Accounts
Gmail addresses
Google
Google Chrome Browser
Google DNS Service
Google Gmail
Google Partially Patches Flaw in Chrome for Android 3 Years After Disclosure
Google Play
Google Plus
Google Plus data leak
Google Plus shut down
google public dns
Google Removes 85 Adware Apps
google security updates
Google Update
Google+ data leak
Google+ shut down
googleplus
Government of Vermont
Government Survey
Group FaceTime
H.A.S.T.E pen test challenges
hack android phone
hack kali linux
hack kali linux with cmd
hack lock screen android
hack server 2012 with commands
Hacked Servers
hacking challenge LHN
Hacking Forensics
hacking techniques
Hariri and identified as CVE-2018-19725
Health Data Breaches
HIV Reports
host based intrusion detection system pdf
Hoverwatch
Hoverwatch review
how to access the dark web
how to access the dark web guide
how to hack android
how to hack any kali linux
how to hack facebook
how to hack facebook account
how to hack i phone
how to hack ip address
how to hack iphone
how to hack linux
how to hack microsoft
how to hack router
how to hack smartphone
how to hack ubuntu
how to hack web aap
how to perform ddos attack
how to protect cellphone from cyber attacks
how to protect from data manipulation
how to protect yourself from fishing attack
how to root android
how to root android using kingoroot
how to secure you android phone
How to Stop Facebook App From Tracking Your Location In the Background
how to unlock boot loader
how to watch Netflix with vpn
Huawei CFO arrested
Huawei CFO arrested in Canada
Identity Theft
iMessage
India. Vulnerability Analysis
Indian School Of Ethical Hacking
information gathering and synthesis
information gathering techniques
Information Resource Center
information security questions
information security questions and answers
inside the dark web
insider threats and cyber attacks
insider threats cyber security
insider threats definition
Instagram passwords breach 2018
Instagram passwords breach am i affected
Instagram passwords breach check
Instagram passwords data breach history
Instagram passwords hacked
install kingoroot
instant
Internal Revenue Service (IRS)
Internet Marketing Agency in Noida
Internet Marketing Services
IOS 12.1.2
ios passcode encrytion
ios passcode exploit
IoT Device Security
iOT hack
iOT hacker laws
iOT hacker legislation
iOT hacking laws
iOT law for hacking
iOT laws
iOT legalise
iOT legislation
iOT news
iOT security law
IoT Security Threats
ip address
iphone hacked by hacker
iphone passcode can be crack
iphone passcode hacked after update
iphone passcode not working
IT Security Company in Noida
Jan Boehmermann and Christian Ehring
Japan
java development services in noida
jscript.dll
Jscript9.dll
key logging
keylogging
keylogging anyone
keylogging children
KFR
latest hacking news challenges
Law Enforcement Agencies
Lawsuit
LHN hack challenges
LibreOffice
Linux
Linux bug
Linux Kernel Vulnerabilities
linux security
linux vulnerability
list of all http protocol
list of apt threat actors
Litecoin Cash
Lizkebab
Local Government Websites
Lock Screen Bypass Flaw in Skype for Android
login based attack
Luo Moumou
macOS
Malicious
Malicious Binary
Malicious Documents
Malicious Links
malicious PDF
malvertising attack
Malware Backdoor
Malware Distribution Channel
Malware Dropping
man in the middle attack
manuscript phishing
manuscript spear phish
massive cyberattack
massive database Exposed
memory corruption
memory exhaustion
Meng Wangzhou arrested in Canada
microsoft
Microsoft Authenticator
Microsoft bug
Microsoft Visual FoxPro
Microsoft Windows
MikroTik
MikroTik hack
MikroTik hacked
MikroTik router hack
MikroTik Routers
MikroTik vulnerability
Minister Heiko Maas
Ministry of Health
Ministry of Internal Affairs and Communications
Mirai Botnet
mitm attacks
Mobile App Penetration Testing
mobile security apps android
mobile security cart
mozilla
Mozilla patch
Mozilla Thunderbird
Multiple Accounts
Municipal government
NanoCore
NanoCore RAT
nasa information center
nasa information leaked
nasa information security
nasa information security jobs.
nasa information system
nasa information technology
nasa security breach
National Crime Agency
National Security Agency (NSA)
necurs botnet
Netflix vpn
Netflix watch through vpn
Network
network and host scanning for vulnerablilies
network and host-based intrusion detection systems
network security architecture
network security architecture best practices
networking section of android device
New Facebook Bug Exposed 6.8 Million Users Photos to Third-Party Apps
New Spam Campaign
Nightwatch Cybersecurity Chrome for Android prior to version 70 are affected
nodejs append to file
nodejs authentication
nodejs buffer to string
nodejs library
nodejs path
nodejs request
Noida technologies
npm
npm listing
NSA
Official Website
online marketing company
online marketing company Noida
Online Marketplace
open source hack challenge
oracle virtualbox zero day
overlord hack
Password Dictionary Attack
Password List
password reset
Password Security
Patient Data
payload from the C&C server
PDF Attachment
pen testing challenges free
pen-testing labs
Penetration Books
Penetration Salary
Penetration Tester
Penetration Testers
Penetration Tools
penguin book attack
penguin book phishing
penguin phishing
penguin phishing attack
Perch
persistence
personal data stolen
Personal Information
personal user data
PewDiePie
phishing
phishing attacks
phishing attempt apple
php web designing in noida
PoC Exploit Code
PoC exploit for a privilege escalation
POLIZEI Brandenburg
popular fake app
Powerful IoT Botnets
PPC
ppc marketing service in noida
Privilege Escalation Attacks
Privilege Escalation Exploits
process of rooting android
PROset/Wireless Wi-Fi Software(Intel)
pylocker
pylocky payload
python development services in noida
Qbot
ransomware
ransomware malware
Ransomware outbreak china
rce
RDP Attacks
RDP Connections
red hat acquisition
red hat ibm
RED SECURIUM
redhat
redhat download
redhat stock
Reimbursement Costs
Remote
remote attacks
remote code execution
Remote Desktop Protocol (RDP)
removed 85 apps
Ren Zhengfei’s daughter arrested in
rfc 7766
RiskIQ
Router
router admin
router definition
router ip
router ip address
RouterOS
RSA
SandboxEscaper
screen advertisements
Security Alert
security alternatives
Security Awareness
security issue in android phone
Security Plugins
Security Updates
security vulnerabilities
SEM
sensitive data of 14 million users
Sensitive Patient Data
SEO
SEO Company in India
seo company in noida
seo services in noida
seo services marketing in noida
Server & Data Center Security Audit (VAPT)
Shafranovich
Sick OS 1.2 hack challenges
Sick OS 1.2 hacker challenges
Sick OS 1.2 pen test challenges
signs of a phishing attempt
Singapore
Smart Scale
social engineering attack technique
social engineering baiting attacks
social media marketing
social media marketing in noida
social media marketing india
Social Media Platforms
social network marketing service in noida
software designing services in noida
software development services in noida
solutions against haacking
SPD
Spying Trojan
SQLite has released updated version 3.26.0
stack clash
stack overflow
Stealthy Backdoor
steps to successful data loss prevention controls
suse linux
Systemd
Systemd flaw
Systemd vulnerability
systemd vulnerablities
Tableau
Tal Dery and Menahem Breuer of Mimecast Research Labs
Taxpayer Information
Tencent's Blade security team
the dark web documentary
the dark web reddit
the deep web today
the women's empowerment in agriculture index
Thousands of Google Chromecast Devices Hijacked to Promote PewDiePie
Thunderbird
thunderbird flaw
Thunderbird vulnerability
Til Schweiger
tips to secure your dat
TLS 1.3
TLS Security
tls security protocol
Top 10 Linux Distro for Penetration Testing
top digital marketing company
Top Pentesting tool
torjans
Torlus
tr0ll 1.0 hack challenges
tr0ll 1.0 hacker challenges
tr0ll 1.0 pen test challenges
transport layer security benefits
transport layer security definition
transport layer security tutorial
Trend Micro
twitter data analyst
twitter data breach
twitter data center
twitter data download
twitter data policy
twitter data saver
twitter database leak
twitter dataset
type of data manipulation
uber data breach 2018
uber data breach 2019
uber data breach cause
uber data breach claim
uber data breach cover up
uber data breach details
uber data breach github
uber data breach timeline
Ubuntu Security Team
udp and tcp
UK Police
Unpatched Windows Zero-Day Exploit On Twitter
Unsecured IoT Devices
upgrade to windows 10
UPnP
URL Redirects
ursnf banking trojan
US Indicts Two Chinese Government Hackers Over Global Hacking Campaign
utltimate weapons against cyberattack
vedio call hacked
velevate mobile security in uk
velevate network Pen testing in uk
velevate pen testing in uk
velevate vulnerability assessment in uk
Vermont State Employees
Vidar and Gandcrab attack
Vidar attack
Video Call
virtual reality
virtualbox escape exploit
virtualbox exploit db
virtualbox exploit github
virtualbox zero day exploit
virtualbox zero day fix
virtualbox zero day patch
Vivaldi
vpn
vpn access US
vpn acronym
vpn free
vpn watch netflix
vulnerabilities
vulnerabilities in Systemd
vulnerability
Vulnerable IoT Device
vulnhub hack challenges
vulnhub hacker
vulnhub hacker challenges
we development company in Noida
web anonymity test
web application attacks
web application penetration testing
web design in Noida
web design Noida
web designing services in noida
web development services in noida
web hosting platforms
Web Hosting Providers
Web services in noida
Website
website design in Noida
website development company in Noida
Webstresser
Webstresser Service
what is available on the dark web
what is data manipulation attack
what is ddos attack
what is fishing attack
what is http response how to redirect url
what is soc
what is social engineering
what is the 80/20 rule of networking
what is trojan
what is true-factor
WhatsApp
whatsapp can be hacked
whatsapp data can be hacked
whatsapp hacked and banned
whatsapp hacked help
whatsapp hacked in usa
whatsapp hacked message
who use the dark web
wi-fi spoofing
Windows
Windows 10
Windows 10 file deletion bug
Windows 10 October 2018 update
windows 10 patch
Windows client
women empowerment 2019
women empowerment and economic development
women empowerment campaigns
wordpress web designing in noida
world's biggest DDoS-for-hire service
xDedic marketplace
Xerox
Yakov Shafranovich
Yoast
Yoast SEO
Yoast SEO 9.1
Yoast SEO 9.1 vulnerability
Yoast SEO 9.2
Yoast SEO bug
Yoast SEO vulnerability
Yonathan Klijnsma
ZenCash
Zero Day Initiative (ZDI)
Zerodium Offers to Buy Zero-Day Exploits
Zhang Shilong (known online as Baobeilong
Zhu Hua (known online as Afwar

Show more Show less

Report Abuse

Powered by Blogger

Red Securium

Dunkin Donuts Resets Passwords After Enduring Credential Stuffing Attack

Dunkin Donuts Reset Passwords After Credential Stuffing

Security Steps Taken To Protect Accounts

Labels

Comments

Post a Comment

Popular posts from this blog

Information Security Analyst Interview Questions

Community Health Systems agrees to pay nearly $3.1 million as a part of settlement for 2014 data breach