An Australian man has been arrested after allegedly raking in an estimated AU$300,000 ($211,000) selling stolen login details online.
Working on a tip-off from the FBI, Australian Federal Police arrested the 21-year-old man on Tuesday, according to a police statement.
"The account details were obtained through credential stuffing, which sees a list of previously stolen or leaked usernames, email addresses and corresponding passwords re-used and sold for unauthorised access," the statement read. "The accounts details were from unknowing victims in Australia and internationally, including the United States."
While account sharing is common (roughlysay they'd quit a service like Netflix if it tried to stop password sharing), account stealing is a different matter.
"These types of offences can often be a precursor to more insidious forms of data theft and manipulation, which can have greater consequences for the victims involved," said the manager of cyber crime for the AFP, Acting Commander Chris Goldsmid.
The lesson? Don't use the same login details for everything and.