If Picard joins the line of French brands hacked in recent months, the method used for this cyberattack contrasts with previous incidents.
While other brands have been victims of intrusions by a common service provider, the hackers have this time opted for a more sophisticated technique, even if it is far from new: “credential stuffing”. This “credential stuffing” consists of using usernames and passwords already stolen in previous leaks to try to access user accounts. Cybercriminals are not inventing anything, they are only exploiting a human flaw: the reuse of the same passwords on different sites.
And the fact that the frozen food brand claims to have detected no intrusion into its central systems confirms the success of this backdoor attack strategy. As Jean Gebarowski explains, “ IT security is about process, not tooling “. Picard indicated that it had notified the CNIL and strengthened security measures, but the expert recalled that “ 100% security does not exist “. A truth that sends shivers down your spine.
