State Farm Insurance is notifying customers that accounts have been compromised by hackers in a credential-stuffing attack. Hackers use stolen passwords and user names from previous data breaches to brute-force accounts on a wide scale. It s unclear if the hacker accessed customer accounts or merely retrieved their credentials. It’s unclear how many customer accounts the attacker was able to access, but State Farm has reported that it services 83 million policies and accounts in the U.S. It also said that no sensitive information was viewable.
Source: https://threatpost.com/state-farm-credential-stuffing-attack/147139/