Credentials stuffing attack prompts password resets for Sky customers



British telco Sky has locked iD accounts as a safety measure following a credentials stuffing attack detected last month.

The measure was taken as a precaution, the company told ZDNet via email.

Hackers accessed some email accounts following last month’s credentials stuffing attack, but those users had their accounts locked and were notified at the time.

The accounts that have been locked yesterday have not been breached, the company told us.

Instead, Sky said they were locking accounts and prompting users to reset their passwords “as [a] good password management practice.”

Read more…