The Securities and Exchange Commission has provided more details about how its official X account was compromised earlier this month. In a statement, the regulator confirmed that it had been the victim of a SIM swapping attack and that its X account was not secured with multi-factor authentication (MFA) at the time it was accessed.
Credential stuffing, or using compromised login information to take over accounts, has been around as long as we’ve used passwords to secure our accounts. But, perhaps in part because it's gotten easier for hackers to perform this type of attack, credential stuffing made headlines in recent months.