NYS AG’s office warns of cyberattack

The New York State Attorney General’s Office alerted 17 companies about a cyberattack called "credential stuffing" that impacted more than 1.1 million people.

Credential stuffing is a "type of cyberattack that involves attempts to log into online accounts using usernames and passwords from other, unrelated online services."

The attackers rely on some consumers using the same password across multiple sites.

AG Letitia James said the 17 companies included online retailers, restaurants, and food delivery services. James added there are 15 billion stolen credentials being circulated across the internet.