Credential stuffing attack impacts Nando’s customers

Some of Nando’s customers have seen their online accounts hacked following a credential stuffing attack.

Credential stuffing takes advantage of people reusing username and password combinations across different accounts. Stolen credentials from data breaches can be used against multiple online accounts with an eventual match giving attackers access.

Hackers who have gained access to accounts have placed large orders and caused huge bills for those affected.

Nando’s have promised to reimburse affected customers and have said in a statement that their systems had not been hacked.

Protecting yourself from attacks such as this can be achieved in a few ways:

  • Use separate passwords for important accounts
  • Create strong passwords with three random words
  • Consider saving your passwords in a browser

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: