The Payments Association

JUNE 3, 2025

Antony Lane, sales account manager at G+D , corroborates this, stating G+D increasingly uses tokenisation to improve in-app provisioning, simplify lifecycle credential management, and personalise user journeys across devices and channels. As a result, tokenisation is becoming essential for maintaining trust and fluidity.

Security 88

Security Payment Security Payment APIs and Integration Credential 88

VISTA InfoSec

APRIL 5, 2024

Operational interruption happens when cybersecurity is breached. A file falling into the wrong hands or credentials being revealed to unauthorized personnel could spell lost productivity and revenue. Data breaches don’t easily get overlooked. Tainted reputation.

Best Practices 278

Best Practices Business Continuity Continuity Compromise 278

PYMNTS

APRIL 14, 2019

According to reports citing Microsoft, the company confirmed that a “limited” number of webmail users — including @msn.com and @hotmail.com — saw their accounts compromised by hackers. It also appears the bad guys didn’t access login credentials including passwords. This is the latest breach to impact Microsoft this year.

Breach 68

Breach Accounts Credential Compromise 68

The Payments Association

MAY 28, 2025

The process replaces your 16-digit primary account number and other sensitive data with a secure, unique digital identifier that functions exclusively within controlled environments. The evolution represents more than enhanced security protocols, it constitutes a complete reimaging of payment credential architecture.

Credential 88

Credential Payments Issuers Visa 88

VISTA InfoSec

JUNE 19, 2024

For instance, an attacker might send an email that appears to be from a trusted video communication platform, prompting you to click on a link to verify your account or update credentials. Enforcing these policies ensures consistent adherence across the organization, reducing the risk of security breaches.

Risk 277

Risk Ransomware Phishing MFA 277

PYMNTS

APRIL 19, 2019

“We have no indication of any breach of Chipotle’s databases or systems.” Schalow further explained that, “through credential stuffing, [an attacker] can access [the customer’s] account once they have their user name and password, and place an order, but they cannot see their personal credit card data.”

Credential 76

Credential Compromise Credit Cards Payments 76

Payments Source

NOVEMBER 6, 2018

The breach may have occurred through a technique called "credential stuffing," in which hackers who have stolen passwords for other websites try them out on an online banking site.

Breach 71

Breach Data Breach Credential Accounts 71

PYMNTS

APRIL 24, 2019

Reports have appeared all over social media, particularly via Reddit and Twitter , about Chipotle user accounts being pirated, with hundreds of dollars’ worth of food ordered to customer cards that those customers never saw. She further noted that the firm is pretty sure credential stuffing is the root cause in this case.

Credential 67

Credential Breach API Addressing 67

PYMNTS

JULY 30, 2019

A former Amazon systems engineer working for Capital One is said to be the woman behind a breach that accessed the data of over 100 million people. Thompson formerly worked for Amazon Web Services, which hosted the Capital One database that was breached. Capital One revealed the massive data breach in a news release on July 29, 2019.

Breach 87

Breach Law Enforcement Data Breach Social Security 87

PYMNTS

OCTOBER 17, 2018

Visa announced today the commercial expansion of its Visa Token Service for “credential-on-file token requestors.” Network tokens offer merchants an appealing solution to boosting the security of transactions while also helping merchants manage the account credentialing that is now the reality of multichannel retail payments.

Credential 86

Credential Digital Payments PayPal Payments 86

VISTA InfoSec

JUNE 3, 2024

According to a Verizon report , over 80% of hacking-related breaches are due to compromised passwords. Credential stuffing , a form of cyberattack where attackers use stolen credentials to gain unauthorized access to user accounts, highlights the need for strong password policies. Here are the essential components: 1.

MFA 130

MFA Credential PCI DSS Compliance 130

PYMNTS

JULY 24, 2020

There were sellers offering data from what could have been 278,531 accounts, although some may have been duplicates or fake, the report noted. “We are not aware of any data breach at this time,” an Instacart spokesperson told BuzzFeed News. “We Instacart said that had never happened.

Data Breach 86

Data Breach Breach Phishing Duplicate 86

PYMNTS

SEPTEMBER 22, 2016

” Yahoo is apparently on the verge of reporting a massive data breach of its service — a giant hack that has exposed the data behind hundreds of millions of user accounts. ” Peace was, by his own admission, selling credentials of 200 million Yahoo users from 2012 on the dark web for just over $1,800.

Breach 87

Breach Data Breach Credential Adjustments 87

Payments Dive

JANUARY 20, 2023

It’s unclear where or how customer account credentials were obtained. Impacted customers were notified of the incident nearly a month after it was discovered.

Data Breach 78

Data Breach Breach PayPal Credential 78

VISTA InfoSec

JUNE 27, 2024

In a recent development that has raised concerns across the education sector, Los Angeles Unified School District (LAUSD) has confirmed a significant data breach involving student information. Conclusion The ramifications of this breach extend beyond immediate security concerns. As the situation unfolds, LAUSD and Snowflake Inc.

FBI 130

FBI Breach MFA Cybersecurity 130

PYMNTS

JULY 24, 2020

and Canadian online grocery delivery service, blamed reused passwords for the recent account hacks that led to the theft of its customers’ personal data that landed on the dark web. Instacart advised customers to select unique, strong passwords for their accounts that they do not use on any other apps or websites as an extra precaution.

Accounts 75

Accounts Compromise Data Breach Phishing 75

Finextra

JUNE 13, 2025

Data breaches involving bank account details not only damage reputations and erode customer trust but can also expose organisations to direct financial loss, fraud recovery efforts, and regulatory scrutiny. Even if a breach occurs, attackers get meaningless tokens rather than actionable payment credentials.

Data Security 59

Data Security Payments Data Security ISO 20022 59

PYMNTS

MARCH 4, 2020

Clothing company J.Crew said an unknown hacker accessed some of its customers’ online accounts almost a year ago, according to reports. Online accounts also store order numbers, shipping confirmation numbers and shipment statuses. The company didn’t say when the scanning took place or why the breaches hadn’t been detected sooner.

Accounts 72

Accounts Breach Credential Laws 72

PYMNTS

JANUARY 18, 2019

The largest public data breach ever has been discovered, according to Gizmodo. The breach is just one data batch of at least six more, collected by someone trying to sell the stolen info, which amounts to almost 1 terabyte of stolen information. In his blog , Hunt talked about how he discovered the breach. billion combos.

Data Breach 63

Data Breach Breach Credential Compromise 63

PYMNTS

SEPTEMBER 26, 2019

DoorDash has revealed that it was the victim of a data breach in May. It’s unknown why it took DoorDash five months to detect the breach, which impacted around 4.9 In addition, around 100,000 delivery workers also had their driver’s license information stolen in the breach. “We We are reaching out directly to affected users.”.

Breach 62

Breach Third-Party Service Provider Data Breach Credential 62

PYMNTS

MARCH 31, 2020

Marriott International experienced a massive data breach in an “incident” that involved a property system. The hotel firm said in a notice that it “at the end of February 2020, the company identified that an unexpected amount of guest information may have been accessed” with the sign-in credentials of two franchise property staffers.

Data Breach 56

Data Breach Breach Credential Assessments 56

PYMNTS

DECEMBER 4, 2018

We must give credit to the criminals who engineered the recently disclosed data breach that could end up impacting some 500 million guests of Marriott International. Breach Aftermath. Here’s the challenge: Consumers are almost certainly becoming numb to these types of breaches, secure in the knowledge that banks will have their backs.

Breach 68

Breach Data Breach Authentication Database 68

Fintech News

MAY 1, 2025

Data from Verizon Businesss 2025 Data Breach Investigations Report reveal that system intrusion has risen considerably over the past four years, escalating to become the dominant threat pattern across APAC. In 2024, these attacks accounted for 20% of breaches in APAC, marking a 49-point decline from 69% back in 2020.

APACS 74

APACS Data Breach Breach Ransomware 74

PYMNTS

OCTOBER 21, 2016

Usernames and passwords for more than 43 million accounts. Weebly said in an email to customers that user IP addresses were also taken in the breach. “We LeakedSource — who first broke the story of the Weebly hack — said it received the Weebly database from an anonymous source and notified Weebly of the breach.

Credential 55

Credential Breach Disputes Database 55

PYMNTS

JUNE 23, 2020

Reducing fraud is critical, as fraudsters look toward new avenues of stealing credentials and draining accounts. And securing those credentials will mean that, eventually, the payments ecosystem will revolve around eCommerce “IDs” that consumers can take with them no matter where or with whom they transact, across borders and devices.

Credential 110

Credential Issuers Breach RTP 110

PYMNTS

JUNE 29, 2020

Open banking comes with security risks, however, as a hacker that manages to breach an open banking API can hijack all of the apps that harness this interface to gather data. The most popular technique, credential abuse, involves fraudsters using compromised passwords and other login information to gain access to sensitive systems.

MFA 96

MFA Risk Security API 96

PYMNTS

MARCH 1, 2017

There’s a war going on in the digital world, one that most consumers are unaware of, despite the impact it could have on their money and their privacy — a battle between fraudsters and security providers over account takeovers. Account takeovers accounted for more than $2.3 billion in losses last year.

Account Takeovers 56

Account Takeovers Accounts Credential Authentication 56

PYMNTS

SEPTEMBER 19, 2019

The threat of a data breach is now an ever-present part of life for customers and the banks that serve them. A reported 3,813 data breaches across a number of industries — collectively exposing 4.1 billion stolen credentials. billion stolen credentials. AI, ML Innovations Necessary to Stop Account Opening Fraud.

AI 57

AI Accounts Data Breach Credential 57

Fintech News

MAY 8, 2024

Visa has launched an AI-powered enhancement to its Visa Account Attack Intelligence (VAAI) solution, designed to combat the increasing number of account attacks facilitated by automated scripts and botnets. Visa reports that 33% of accounts targeted by enumeration attacks experience fraud within five days of the breach.

Bots 113

Bots AI Issuers Fraud Prevention 113

PYMNTS

APRIL 26, 2016

TechCrunch reported yesterday (April 25) that identifiable information of hundreds of Spotify users — including emails, usernames, passwords and account types — showed up on the website Pastebin. ” As for the alleged victims of the breach that spoke to TechCrunch, the ways in which they became aware of the situation vary.

Breach 40

Breach Security Credential Compromise 40

The Fintech Times

DECEMBER 18, 2023

“A never-ending stream of data breaches combined with highly sophisticated and technical attacks means the stolen personal information available on the dark web is continuously replenished. Cybercriminals use that information to impersonate people in positions of authority.

Cybersecurity 139

Cybersecurity Ransomware RDC Credential 139

PYMNTS

JUNE 28, 2016

Account passwords for German telecommunications company Deutsche Telekom are for sale on the dark web, but the company said on Monday (June 25) that it has not been the victim of a cyber attack. ” Just weeks ago, a password leak caused Twitter to lock millions of user accounts.

Data Breach 40

Data Breach Breach Credential Phishing 40

EBizCharge

OCTOBER 25, 2023

Now more than ever, businesses are focusing on preventing data breaches and implementing response protocols to mitigate breaches if they occur. According to the 2023 IBM Data Breach Report , the global average cost of data breaches was $4.45 What are data breaches?

Data Breach 52

Data Breach Best Practices Breach Phishing 52

PYMNTS

JUNE 6, 2016

Reports of data breaches and cyberattacks are serious, but what happens when those claims are untrue? According to Krebs on Security , last week, several identity theft protection companies incorrectly named Dropbox as the source of a data breach that compromised nearly 73 million usernames and passwords.

Data Breach 42

Data Breach Breach Identity Theft Compromise 42

PYMNTS

MARCH 16, 2017

The Department of Justice bringing charges against two spies in Russia and two hackers who allegedly took part in the massive data breach that rocked Yahoo recently has now shed light on exactly how these breaches took place. According to Palmore, that initial breach eventually led the exposure of more than 500 million user accounts.

FBI 46

FBI Breach Identity Theft Data Breach 46

PYMNTS

NOVEMBER 29, 2018

Dunkin’, the operator of Dunkin’ Donuts franchises, is alerting DD Perks rewards program account holders that its profiles and data may have been accessed by a hacker in October. It did acknowledge that some login attempts may have succeeded, and thus sent the notification to account holders.

Law Enforcement 53

Law Enforcement Accounts Breach Laws 53

PYMNTS

DECEMBER 14, 2016

KFC is the latest company to report a hack , with the bad guys breaching its Colonel’s Club loyalty program. The report noted that KFC is hoping to limit the impact of the breach because it acted quickly to remedy the situation. KFC reportedly only found 30 accounts that were compromised so far.

Risk 77

Risk Breach Credential Database 77