The rewards card system of Dunkin’ Donuts’ card program has been hacked again for the second time in three months. According to ZDNet, the program was compromised again using the technique credentials stuffing attack.
A huge list of passwords and stolen usernames were used from other data attacks in a high-speed automated technique to find a single combination which helped the thief to log in. These hackers either guessed the passwords or made use of the credentials to initiate the attack.
The company database of the passwords and email addresses was tampered with. However, the reward card program had only minimal personal information. The passwords and usernames would be of importance to the criminals for other credentials stuffing attacks. The best way to avoid this would be to not use the same passwords in other sites. Also, a password manager could be used to keep all your passwords under control.