From bleepingcomputer.com
With credential stuffing attacks running rampant, TripAdvisor will invalidate a member’s password if their email and password were found in publicly leaked data breach databases.
A friend received an email from TripAdvisor.com yesterday and was concerned that it was a phishing email becauseĀ it stated their email address and password were found in a “lists of publicly leaked passwords”. Due to that, the company invalidated their password and they would need to reset it before they can login again.