Credential stuffing attacks are a rather old method of breaching an account, but they are still relatively successful. These attacks rely on human error in the form of reusing passwords. From an organizational standpoint, this could lead to account compromise if an employee reuses one of their passwords from an external site that was breached for their work account. To detect credential stuffing attacks, organizations can monitor logon events for a spike in failed authentications against multiple accounts. Additionally, there are numerous policies that could be put in place, such as enforcing strong password policies. These can include character and symbol limits as well as password expiration. Further, it is also beneficial to educate users on this attack and the dangers of reusing passwords across multiple sites.
https://www.bleepingcomputer.com/news/security/nortonlifelock-warns-that-hackers-breached-password-manager-accounts/
