Jason’s Deli fell prey to a credential stuffing attack in late December. Out of an abundance of caution, they will ask those they have found to be affected by this attack to reset their passwords to a more stronger one.
I am not clear if Jason’s Deli offers two-factor or multi-factor authentication.
Depending on the profile, the following may have been accessed by the attack.
- Full name
- Address (including all saved delivery addresses)
- Phone number
- Birthday
- Preferred Jason’s Deli location
- House account number
- Deli Dollar points
- Redeemable amounts and rewards
- Truncated credit card numbers (only the last four digits are visible)
- Truncated gift card numbers
Since this is an attack where credentials could have been used elsewhere, the article reminds each and every user about the fact that you should use different passwords on different sites.
We were talking about this as part of TSB near the end of the program and will be next week’s topic where it comes to password misuse. Even yours truly has been guilty although yours truly doesn’t tend to do this any longer.
For complete information about this potential breach, please read Bleeping Computer and Jason’s Deli says customer data exposed in credential stuffing attack and stay safe!
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.