Credential stuffing attacks consist of automated attempts to log into online services using user credential databases. Cybercriminals have been able to employ sets of millions of credentials stolen from high profile online platforms and companies such as Adobe, Dailymotion, VK, Bell, Tumblr, Comcast, Fling, Sony, and LinkedIn. The most targeted organizations by credential stuffing attacks have been from the Financial, E-commerce, Social Media and Entertainment, Information Technology and Telecommunications, Restaurants and Retail, and Transportation industries. For every one million random combinations of emails and passwords, attackers can compromise up to 30,000 accounts.
Source: https://www.bleepingcomputer.com/news/security/the-anatomy-of-highly-profitable-credential-stuffing-attacks/