DraftKings credential stuffing campaign targeting customer accounts
Campaign
Summary
Hide ▲
Show ▼
A DraftKings credential-stuffing campaign put an undisclosed number of customer accounts at risk and triggered breach notices. Attackers used stolen username/password pairs to log into some accounts and may have seen a limited amount of data tied to those accounts. DraftKings is forcing password resets for affected users and requiring multifactor authentication for DK Horse logins.
Related Happenings
BlackFile vishing extortion campaign targeting retail and hospitality organizations
Campaign
First: 24.04.2026 21:26
Last: 24.04.2026 21:26
Sources 1
About this happening:
The **BlackFile** campaign is driving **vishing-based data theft and extortion** against **retail and hospitality organizations**, putting employee credentials and enterprise data...
BlackFile vishing extortion campaign targeting retail and hospitality organizations
CampaignAbout this happening: The **BlackFile** campaign is driving **vishing-based data theft and extortion** against **retail and hospitality organizations**, putting employee credentials and enterprise data...
DraftKings hit by network compromise
Incident
First: 17.04.2026 10:10
Last: 17.04.2026 10:10
Sources 1
How related:
DraftKings informed affected customers that attackers had gained access to their accounts and a "limited amount" of their data in attacks that bore all the signs of a credential stuffing campaign.
About this happening:
**DraftKings** suffered a **credential-stuffing account compromise** that exposed nearly **68,000 accounts** and enabled theft from roughly **1,600 accounts**. Attackers reused cr...
DraftKings hit by network compromise
IncidentHow related: DraftKings informed affected customers that attackers had gained access to their accounts and a "limited amount" of their data in attacks that bore all the signs of a credential stuffing campaign.
About this happening: **DraftKings** suffered a **credential-stuffing account compromise** that exposed nearly **68,000 accounts** and enabled theft from roughly **1,600 accounts**. Attackers reused cr...
Kamerin Stokes sentenced for DraftKings account-selling scheme
Law Enforcement
First: 17.04.2026 10:10
Last: 17.04.2026 10:10
Sources 1
About this happening:
**Kamerin Stokes** was **sentenced to 30 months in prison** for selling access to **tens of thousands of hacked DraftKings accounts**, closing a federal **cybercrime** case that a...
Kamerin Stokes sentenced for DraftKings account-selling scheme
Law EnforcementAbout this happening: **Kamerin Stokes** was **sentenced to 30 months in prison** for selling access to **tens of thousands of hacked DraftKings accounts**, closing a federal **cybercrime** case that a...
Microsoft AiTM payroll pirate attack mitigation
Advisory/Mitigation
First: 10.04.2026 14:56
Last: 10.04.2026 14:56
Sources 1
About this happening:
**Microsoft** is urging defenders to harden **Microsoft 365** and related **HR workflows** against **AiTM**-driven payroll theft by requiring **phishing-resistant MFA**, blocking...
Microsoft AiTM payroll pirate attack mitigation
Advisory/MitigationAbout this happening: **Microsoft** is urging defenders to harden **Microsoft 365** and related **HR workflows** against **AiTM**-driven payroll theft by requiring **phishing-resistant MFA**, blocking...
Storm-2755 payroll pirate campaign targeting Canadian employees
Campaign
First: 10.04.2026 14:56
Last: 10.04.2026 14:56
Sources 1
About this happening:
The **Storm-2755** campaign is stealing **Canadian employees' salary payments** by hijacking accounts through **Microsoft 365** phishing pages, creating immediate payroll-diversio...
Storm-2755 payroll pirate campaign targeting Canadian employees
CampaignAbout this happening: The **Storm-2755** campaign is stealing **Canadian employees' salary payments** by hijacking accounts through **Microsoft 365** phishing pages, creating immediate payroll-diversio...
Timeline
-
07.10.2025 22:09 2 articles · 7mo ago
DraftKings customer account access notices
Initial DisclosureDraftKings notified an undisclosed number of customers on October 2 that attackers had accessed their accounts in a credential stuffing campaign and may have viewed a limited amount of data, while government-issued identification numbers and full financial account numbers were not accessed.
Show sources
- DraftKings warns of account breaches in credential stuffing attacks — www.bleepingcomputer.com — 07.10.2025 22:09
- DraftKings warns of account breaches in credential stuffing attacks — www.bleepingcomputer.com — 07.10.2025 22:09
-
07.10.2025 22:09 1 articles · 7mo ago
DraftKings password reset and MFA response
Mitigation Patch UpdateDraftKings required potentially affected customers to reset DraftKings account passwords and enable multifactor authentication for DK Horse logins, and it also advised customers to review bank accounts and credit reports, place security freezes, and set fraud alerts as a precaution.
Show sources
- DraftKings warns of account breaches in credential stuffing attacks — www.bleepingcomputer.com — 07.10.2025 22:09