DraftKings hit by network compromise
Incident
Summary
Hide ▲
Show ▼
DraftKings suffered a credential-stuffing account compromise that exposed nearly 68,000 accounts and enabled theft from roughly 1,600 accounts. Attackers reused credentials stolen in multiple breaches to take over customer logins and drain funds. The incident mattered because account reuse turned a login attack into direct financial loss and large-scale account abuse.
Related Happenings
BlackFile vishing extortion campaign targeting retail and hospitality organizations
Campaign
First: 24.04.2026 21:26
Last: 24.04.2026 21:26
Sources 1
About this happening:
The **BlackFile** campaign is driving **vishing-based data theft and extortion** against **retail and hospitality organizations**, putting employee credentials and enterprise data...
BlackFile vishing extortion campaign targeting retail and hospitality organizations
CampaignAbout this happening: The **BlackFile** campaign is driving **vishing-based data theft and extortion** against **retail and hospitality organizations**, putting employee credentials and enterprise data...
Kamerin Stokes sentenced for DraftKings account-selling scheme
Law Enforcement
First: 17.04.2026 10:10
Last: 17.04.2026 10:10
Sources 1
How related:
23-year-old Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts.
About this happening:
**Kamerin Stokes** was **sentenced to 30 months in prison** for selling access to **tens of thousands of hacked DraftKings accounts**, closing a federal **cybercrime** case that a...
Kamerin Stokes sentenced for DraftKings account-selling scheme
Law EnforcementHow related: 23-year-old Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts.
About this happening: **Kamerin Stokes** was **sentenced to 30 months in prison** for selling access to **tens of thousands of hacked DraftKings accounts**, closing a federal **cybercrime** case that a...
Microsoft AiTM payroll pirate attack mitigation
Advisory/Mitigation
First: 10.04.2026 14:56
Last: 10.04.2026 14:56
Sources 1
About this happening:
**Microsoft** is urging defenders to harden **Microsoft 365** and related **HR workflows** against **AiTM**-driven payroll theft by requiring **phishing-resistant MFA**, blocking...
Microsoft AiTM payroll pirate attack mitigation
Advisory/MitigationAbout this happening: **Microsoft** is urging defenders to harden **Microsoft 365** and related **HR workflows** against **AiTM**-driven payroll theft by requiring **phishing-resistant MFA**, blocking...
PcComponentes hit by cyberattack
Incident
First: 21.01.2026 22:55
Last: 21.01.2026 22:55
Sources 1
About this happening:
**PcComponentes** confirmed a **credential stuffing attack** on its platform, and the event mattered because a **small number of accounts** were compromised and account protection...
PcComponentes hit by cyberattack
IncidentAbout this happening: **PcComponentes** confirmed a **credential stuffing attack** on its platform, and the event mattered because a **small number of accounts** were compromised and account protection...
ESentire-observed account compromise surged 389% in 2025
Target Trend
First: 16.01.2026 13:40
Last: 16.01.2026 13:40
Sources 1
About this happening:
**Account compromise** surged **389% year over year** in **2025**, making it the dominant observed attack pattern and increasing **credential theft** and **account takeover** risk...
ESentire-observed account compromise surged 389% in 2025
Target TrendAbout this happening: **Account compromise** surged **389% year over year** in **2025**, making it the dominant observed attack pattern and increasing **credential theft** and **account takeover** risk...
Timeline
-
17.04.2026 10:10 3 articles · 1mo ago
DraftKings hit by network compromise
Initial DisclosureAttackers used reused credentials in a **November 2022** credential-stuffing run to take over **DraftKings** accounts. The early phase focused on account access and resale rather than malware or exploitation.
Show sources
- Man gets 30 months for selling thousands of hacked DraftKings accounts — www.bleepingcomputer.com — 17.04.2026 10:10
- Man gets 30 months for selling thousands of hacked DraftKings accounts — www.bleepingcomputer.com — 17.04.2026 10:10
- DraftKings warns of account breaches in credential stuffing attacks — www.bleepingcomputer.com — 07.10.2025 22:09