A cyber attack where stolen account credentials are used to gain unauthorized access to user accounts through automated login attempts.
Credential stuffing exploits password reuse across multiple services. Attackers use lists of compromised username/password pairs from data breaches to attempt logins on various platforms. This can lead to insider threats when employees' personal credentials are compromised and then used to access corporate systems if they've reused passwords.