Exploit: Credential Stuffing
Npower: Energy Utility
Risk to Small Business: 2.603 = Moderate
Energy firm Npower has closed down its app following a credential stuffing attack. This incident spurred an earlier than planned shut down of the company’s mobile that was slated to be shut down later in 2021 as part of wind-down plans following Npower’s acquisition by Eon.
Individual Risk: 2.673 = Moderate
Some customers’ financial and personal information was accessed by bad actors including contact details, birth dates, addresses and partial bank account numbers. Customers should be wary of potentials spear phishing or credential compromise attempts using this data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Shutting down any art of your operations because of a cyberattack is no good for any business. Fortunately for this company, it just accelerated an ongoing process, bu no every company would be that lucky.