In-Class Assignment: Credential Compromises
BLUF: In Module 4 of CYSE 200T, we are talking about Information Availability and different types of attack vectors. This will explain the Credential Compromises attack vector.
What is it?
A credential compromise is what happens when an unauthorized person gains access to someone else’s user credentials. This stolen information is commonly used in many types of attacks, and occasionally for blackmail. It can be used to commit fraud, launch more serious attacks, or simply steal data.
Popular Types/Variants
Some popular types of credential compromise include the following. Credential stuffing: automated attacks that steal information using previously stolen credentials from a previous or current breach. Credential harvesting: using data found by scraping public repositories or by running credential dumping tools. Phishing: pretending to be someone else, or using social engineering, to trick real users into giving the attacker authorized access to important data. Malware: data-mining malware is a popular way to steal all types of data, including credentials, passwords, and access codes.
How is it done?
Attackers can gain access to credentials in several different ways. Once an attacker has the stolen credentials, they can act as if they were the person those credentials belong to. Whether that person had access to high-priority or only low-priority data, it can still be used against the original user or company. While acting as the original user, the attacker can lie low until they have all the information they need. With these credentials, attackers can start a large data breach, deploy ransomware, and run further phishing campaigns.
Notable Occurrences/Events
Some notable occurrences are those of 23andMe, PayPal, and Duo. Through credential compromise, the attacker gained access to thousands of 23andMe users' accounts and genetic data. The stolen data was then offered for sale online. In 2025, 16 million PayPal accounts appeared for sale on the dark web. PayPal claims that the data was stolen in a 2022 breach that used credential stuffing. This is an ongoing issue for PayPal, as millions of accounts are at risk. Duo, which is a two-factor authentication app, suffered a credential stuffing attack that exposed customers' message logs. The breached logs can be used by the attacker for further malicious campaigns.
Mitigation Techniques
Some strategies to mitigate credential compromises include strong passwords, Multi-factor Authentication (MFA), and authentication that doesn’t require passwords, such as level-based access. Enforcing strong password policies helps keep personal information confidential, and if a brute force attack does happen, MFA can be used to make sure the person accessing the account is really you. In addition, methods such as level-based access, like the ones implemented at our local shipyard, can help authenticate people and determine who can and can’t access certain systems or information. Such an implementation can also be monitored to make sure that everything is running as it should and that no security breach follows if something malicious gets past a vulnerability that hasn’t been addressed.
Conclusion: These are the things that we have gone over in the current module of our class. As part of our in-class assignment, we went over credential compromises: what they are, notable events, techniques, and so on, along with personal research and takeaways from what we have learned and gathered.