20,000 accounts hacked at online mail-order pharmacy DocMorris


Level 78
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Trouble for customers of the online mail-order pharmacy DocMorris. The mail-order company had already restricted payment options days ago due to invoice fraud and requires payment in advance. Now it is reported that 20,000 user accounts at DocMorris were hacked via a credential stuffing attack. DocMorris has blocked these accounts.

As of January 25, 2023, German site apotheke-adhoc.de reported that the online mail-order pharmacy DocMorris had suddenly changed its payment methods and required payment in advance. So far there were numerous possibilities with DocMorris to settle orders in on-line Shop (Paypal, credit card Mastercard or Visa, Klarna, Paydirekt, cash payment or calculation). Now probably only payment methods are allowed, where the customer pays in advance, writes apotheke-adhoc.de.
It has now become known that there was probably a credential stuffing attack on the online accounts of the online mail-order pharmacy DocMorris. In the process, the attackers sample lists of access names and passwords for the online accounts, which are known from previous hacks and are traded on the darknet. If a customer uses such access data for several online accounts or uses weak passwords that appear in these lists, the attackers gain access to the account.
According to this tweet, attackers succeeded in cracking 20,000 customer accounts at DocMorris in this way. German site heise reported here (referring to this German Spiegel article, paywall), But also at German site apotheke-adhoc.de there is this report on the credential stuffing attack on DocMorris. According to DocMorris, the affected customers had been informed in accordance with Article 34 of the General Data Protection Regulation (GDPR) and the accounts had been blocked.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.