Home / Early Warning / Cybersecurity Highlights / General Motors suffers credential stuffing attack

General Motors suffers credential stuffing attack

05/23/2022

US automaker General Motors was the victim of a credential stuffing attack that exposed some customers' information and allowed attackers to redeem reward points for gift cards.

The specific target of the attack was its online platform for managing invoices, services and redeeming reward points.

GM contacted those affected to inform them of account recovery instructions. In addition, affected users should reset their passwords before logging back into their accounts.