cyber Cyber Attack

Sam's Club

Feb 11, 2022 1 min read
Sam's Club

Sam's Club's customers were receiving password reset emails and security notifications as it was targeted in credential stuffing attacks.

The attack did not involve any data breach but was a result of trying previously leaked username-password combinations to get access to the website.

Source: https://www.bleepingcomputer.com/news/security/sams-club-customer-accounts-hacked-in-credential-stuffing-attacks/

TPRM report: https://scoringcyber.rankiteo.com/company/sam%27s-club

"id": "sam201110222",
"linkid": "sam%27s-club",
"type": "Cyber Attack",
"date": "10/2020",
"severity": "70",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Retail',
                        'name': "Sam's Club",
                        'type': 'Retail'}],
 'attack_vector': 'Credential Stuffing',
 'description': "Sam's Club's customers were receiving password reset emails "
                'and security notifications as it was targeted in credential '
                'stuffing attacks. The attack did not involve any data breach '
                'but was a result of trying previously leaked '
                'username-password combinations to get access to the website.',
 'motivation': 'Unauthorized Access',
 'title': "Credential Stuffing Attack on Sam's Club",
 'type': 'Credential Stuffing',
 'vulnerability_exploited': 'Previously leaked username-password combinations'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.