Case Study: Global Retailer (Credential Stuffing target) stops account takeover and saves £1.4M/month with Netacea

Global Retailer Credential Stuffing - Customer Case Study

Global Retailer Credential Stuffing, a top-five global retailer with a $70bn turnover and 7,000+ stores, was repeatedly targeted by credential stuffing attacks that used breached usernames and passwords to take over customer accounts, make fraudulent purchases and sell validated accounts on the Dark Web. Existing WAF/DDoS controls were bypassed, the SOC was manually blocking IPs and user agents, and the business needed a specialist solution — Netacea’s bot management solution — to proactively detect and mitigate attacks across web, mobile and API traffic.

Netacea’s bot management was implemented and identified several credential stuffing attacks within 24 hours, integrating with the retailer’s SIEM and applying real-time recommendations without adding customer friction. Netacea mitigated 650,000+ malicious login attempts per week, reduced customer account fraud costs by £1.4m per month, stopped both volumetric and low‑and‑slow attacks, and freed internal product and security resources to focus on other threats.