**<invalid character>** @[email protected] · Nov 30, 2018, 14:04

**<invalid character>** @[email protected] · Nov 30, 2018, 14:04

<invalid character> @[email protected]

Dunkin Donuts loyalty program breached via a credential stuffing attack.

yet another reminder, do not re-use passwords between systems

**The Kat : Hello, Elliot.** @[email protected] · Nov 30, 2018, 14:24

**The Kat : Hello, Elliot.** @[email protected] · Nov 30, 2018, 14:24

The Kat : Hello, Elliot. @[email protected]

@0x56 oh ffs...

Well, at least there's nothing in my email inbox about this information being stolen.

Yet.

**<invalid character>** @[email protected] · Nov 30, 2018, 14:25

**<invalid character>** @[email protected] · Nov 30, 2018, 14:25

<invalid character> @[email protected]

@katharsys2012 - if you've re-used a password, and they guessed it on the first or second time, there might not be a notification incoming.

**The Kat : Hello, Elliot.** @[email protected] · Nov 30, 2018, 14:29

**The Kat : Hello, Elliot.** @[email protected] · Nov 30, 2018, 14:29

The Kat : Hello, Elliot. @[email protected]

@0x56 Looks like they invalidated logins, and forcing a password reset.

**picks random words for phrase and then uses fingerprint for login**

Still, nothing in the email notifications about the breech. That's kind of fscked up.

**<invalid character>** @[email protected] · 2018-11-30T14:31:07Z

<invalid character> @[email protected]

@katharsys2012 - ah, missed that part - need more coffee
STAT

**The Kat : Hello, Elliot.** @[email protected] · Nov 30, 2018, 14:32

**The Kat : Hello, Elliot.** @[email protected] · Nov 30, 2018, 14:32

The Kat : Hello, Elliot. @[email protected]

@0x56 < ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️ ☕️