DraftKings has informed a small number of customers about account breaches resulting from credential stuffing attacks, where attackers used stolen login credentials from other services. Although personal data such as names and addresses may have been accessed, sensitive financial information was not compromised. The company is taking steps to enhance security by requiring password resets and enabling multifactor authentication for affected accounts.

The article discusses the cybersecurity threat of credential stuffing, where attackers use stolen usernames and passwords to gain unauthorized access to user accounts. It highlights the prevalence of this attack method, the importance of using unique passwords, and the implementation of multi-factor authentication as preventive measures.

The North Face has alerted customers that personal information was compromised during a credential stuffing attack on April 23, 2025. This incident marks the fourth such attack on the brand's website since 2020, with exposed data including names, purchase history, and contact information, although payment details remain secure. The company is now sending notifications to affected customers while facing criticism for not enforcing multi-factor authentication on all accounts.