Some of Nando’s customers have seen their online accounts hacked following a credential stuffing attack.
Credential stuffing takes advantage of people reusing username and password combinations across different accounts. Stolen credentials from data breaches can be used against multiple online accounts with an eventual match giving attackers access.
Hackers who have gained access to accounts have placed large orders and caused huge bills for those affected.
Nando’s have promised to reimburse affected customers and have said in a statement that their systems had not been hacked.
Protecting yourself from attacks such as this can be achieved in a few ways:
- Use separate passwords for important accounts
- Create strong passwords with three random words
- Consider saving your passwords in a browser