Credential stuffing is a type of cyberattack where cybercriminals take large databases of usernames and passwords, often stolen through recent data breaches, and attempt to “stuff” the account logins into other web applications using an automated process. Such attacks are common, as 63% of the data compromised in social engineering attacks were login credentials.