While the overall volume of credentials spilled has decreased, it is the size of medium-sized incidents that is growing considerably, with 2 million records each affected in 2020.
This type of attack has a long-term impact on application security, so it is not uncommon that in the period studied it has overtaken HTTP attacks.”
Credential spills are like an oil spill – once they occur, they are very difficult to clean up, because users do not change their data and passwords and companies have not yet massively adopted solutions that prevent credential stuffing.
Link to the news: https://cutt.ly/FzEDipk