Nando s customers said their usernames and passwords were stolen and the accounts used to place high-volume orders. Payment-card information is not stored within Nando’s accounts, leaving some questions as to how the hacks occurred. The chain of Peri-Peri chicken eateries is a fixture on most main drags in U.K. and European cities, with dozens of locations in the U.S. as well. It confirmed a credential-stuffing attack on Friday.
Source: https://threatpost.com/nandos-hackers-customer-accounts/160527/