Insurer State Farm has been hit by a credential-stuffing attack designed to gain access to U.S. customers’ online accounts. The company’s security team first noticed the attack on July 6. It’s not clear how many customers were affected by the incident, and the State Farm did not specify how many notification letters went out. Credential stuffing attacks typically involve hackers using usernames and passwords stolen in other breaches in an attempt to attack other organizations by guessing combinations of names and passwords.”]
Source: https://www.cuinfosecurity.com/state-farm-investigates-credential-stuffing-attack-a-12893