Cyberattacks in which a website, web application or a domain is hacked are increasing in frequency. The goal of most such attacks is to obtain company confidential data which is sold in the Dark Web and/or publicly published in various web accessible networks such as text storage sites. This company confidential data often includes user information including username login credentials (username/password combinations).
Once these login credentials become available, people (malicious or curious) may try to illegally exploit these credentials by accessing these hacked accounts. These accounts can remain accessible until their owners will change their passwords. While countermeasures can be taken such as forced password change processes, user accounts remain vulnerable prior to such countermeasures being implemented.