Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Yonex Shop Hit by Credential Stuffing Attack

November 14, 2024
Reading Time: 2 mins read
in Incidents
Yonex Shop Hit by Credential Stuffing Attack

Between November 7 and November 8, 2024, Yonex’s official online shop was targeted by a credential stuffing attack that affected 223 customer accounts. This method, which relies on using previously exposed login information to gain unauthorized access, led to potential exposure of personal information for 53 of the affected accounts. Among the exposed data were names, addresses, phone numbers, birth dates, gender, purchase history, and partial credit card details. The attack was detected when a customer reported receiving a suspicious order confirmation, prompting an immediate investigation.

Yonex took swift action after the breach was identified. The company blocked the IP addresses involved in the unauthorized logins and invalidated all affected passwords. Furthermore, it instituted a password change requirement for all customers upon their next login to ensure the safety of their accounts. Fraudulent orders made by attackers were canceled, and the affected customers were notified directly. The company also strengthened its monitoring systems to prevent future breaches.

The personal data exposed in this incident was limited to the information necessary for processing transactions, including names, contact details, and partial credit card numbers (with the full number and security code kept secure). No sensitive financial data like security codes or full credit card numbers was leaked. Additionally, since this attack was conducted using external sources of data, the company clarified that no internal system vulnerabilities were exploited, but rather, unauthorized login attempts were made with stolen credentials.

In response to the attack, Yonex reported the breach to the Personal Information Protection Commission and consulted with the National Police Agency. To help prevent future incidents, the company provided recommendations to its users on improving password security, such as using unique and hard-to-guess passwords. Customers were also advised not to reuse passwords across multiple services and to remain cautious of phishing attempts, as Yonex emphasized that it would never request personal or payment information via email or other communication channels.

Reference:
  • Credential Stuffing Attack Hits Yonex Online Shop Exposes Personal Data of Customers
Tags: credential stuffing attackCredit cardcyber incidentsCyber Incidents 2024Cyber threatsE-commerceNovember 2024SportsVulnerabilitiesYonex
ADVERTISEMENT

Related Posts

Porto Nacional City Hall Hit by Ransomware

Columbia University Probes Major IT Outage

June 25, 2025
Hackers Leak Saudi Games Athlete Data

Mainline Health Breach Hits 101,000 Patients

June 25, 2025
Porto Nacional City Hall Hit by Ransomware

Porto Nacional City Hall Hit by Ransomware

June 25, 2025
Hackers Leak Saudi Games Athlete Data

Hackers Leak Saudi Games Athlete Data

June 24, 2025
Hacken Token Crashes 99 Percent After Hack

Hacken Token Crashes 99 Percent After Hack

June 24, 2025
Paraguayan Government Hit By Cyberattack

Paraguayan Government Hit By Cyberattack

June 24, 2025

Latest Alerts

Hackers Abuse Trezor Support For Phishing

FileFix Attack Turns Explorer Into Weapon

OneClik Malware Attacks Energy Sector Firms

Chinese Hackers Build Router Spy Network

New Malware Skims WordPress E-commerce Sites

BEARDSHELL and COVENANT Malware Uncovered

Subscribe to our newsletter

    Latest Incidents

    Columbia University Probes Major IT Outage

    Mainline Health Breach Hits 101,000 Patients

    Porto Nacional City Hall Hit by Ransomware

    Hacken Token Crashes 99 Percent After Hack

    Paraguayan Government Hit By Cyberattack

    Hackers Leak Saudi Games Athlete Data

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial