HHCU Takes Precautionary Measures Against Credential-Stuffing Requests
As an ongoing effort to continuously improve the online and mobile banking experience for its members, Hoosier Hills Credit Union (HHCU) recently upgraded its mobile apps and website with increased security measures against the ever-rising threat of credential-stuffing attacks. HHCU already had various security measures in place prior to this implementation. This latest update only enhances the level of security for HHCU’s online and mobile banking environment as a part of the our dedication to create the best virtual experience possible
What is Credential Stuffing?
Credential stuffing is an effective cyberattack method where a person’s login credentials are obtained through a data breach on one service, and are used on other services. This is when an attacker is trying to see if a person’s username and password on one website will work on another. Some attackers use tools like bots that are able to bypass login protections.
Why is Credential Stuffing Effective?
People reuse passwords. Plain and simple. If someone uses the same login credentials for multiple services, and those credentials are a part of a data breach, they are at risk of potential credential-stuffing attacks.
How Can I Protect Myself from Credential Stuffing?
The only true defense against credential-stuffing attacks is to use a variety of unique passwords for every service they use online. If someone uses a different password for each of their accounts, credential stuffing will not work against them.
Even though HHCU has stronger protections in place, members are encouraged to change their password under the security settings inside HHCU’s online and mobile banking if their credentials are used for multiple services.