BlingyStratios t1_j547a07 wrote
Reply to comment by LeftHandedGraffiti in PayPal says hackers accessed sensitive data of ~35K users, including addresses and social security numbers, in a credential stuffing attack in December 2022 by iingot
Yup! I had to deal with this a couple years ago. I had to write a custom little thing to automate adding them to our firewalls from all our kibana logs.
They didn’t give a fuck, they’d cycle through hundreds and hundreds of IPs every day and management never let me block more then /32s. Went on for months…
LeftHandedGraffiti t1_j569p99 wrote
And by the time you've blocked them, they've moved onto other IPs. I worked at a company that took these attacks very seriously but never found a way to block them. We just watched and reset the account passwords to prevent the accounts from being used.
Viewing a single comment thread. View all comments