Austad, one of the hackers involved in the DraftKings breach, has pleaded guilty to conspiracy charges related to computer intrusion. He could face up to five years in prison. The compromised site wasn’t explicitly named, but it likely refers to DraftKings, which reported that around 68,000 user accounts were affected in November 2022 due to a credential stuffing attack. Two other individuals, Joseph Garrison and Kamerin Stokes, were also implicated. Garrison pleaded guilty in November 2023 and received an 18-month prison sentence, while Stokes followed suit in April 2024. Credential stuffing attacks involve using stolen username-password pairs from previous data breaches to access unrelated accounts. This method exploits the common practice of reusing passwords across various services. DraftKings itself issued a warning in October 2025 about a new wave of such attacks targeting its users, highlighting ongoing security risks in the online betting space. The case emphasizes the vulnerabilities that can arise from poor password practices and the potential consequences for both users and companies involved in online transactions.