Japanese retailer Fast Retailing says 461,091 customer accounts were hacked following a credential stuffing attack. Credential stuffing attack took place between April 23 and May 10, 2019. The company has asked all affected customers to change their passwords immediately. The number of affected customers is not public, but Internet sales made up 10% of Fast Retail’s domestic sales in the first half of the company’s current fiscal year. Cybercriminals behind credential stuffing campaigns have designed them to be completely automated, making use of large collections of stolen credentials.
Source: https://www.bleepingcomputer.com/news/security/hackers-access-over-461-000-accounts-in-uniqlo-data-breach/