A type of brute force attack, credential stuffing is an attempt to gain access to a system by using stolen log-ins and passwords. The attacker uses an automated web injection to enter a large number of credentials that may have been stolen or left vulnerable in hopes of matching an existing account. Credential stuffing is one of the most popular breaches and can yield personally identifiable information.