Attackers can exploit API endpoints vulnerable to broken object level authorization by using the same data attributes that are used in web applications.
Description
The following example shows how an attacker could use a stolen user's ID and password to access their bank account:
A malicious user steals a valid user's credentials from a compromised website, then uses those credentials on the bank's mobile app or online banking site. The attacker is able to log into the victim's account because they have stolen their username and password. Now, let's say that this victim has linked their bank accounts with another service provider (e.g., Amazon)
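The broken object level authorization point made at the top of the page comes down to one thing: an endpoint that accepts a client-supplied object identifier (an account id, an order id) and returns the object without checking that the authenticated caller owns it. The Python below is an added example and is not code from the original page; the account store, user ids and function names are constructed for illustration. It places a vulnerable account lookup beside an ownership-checked one, with a helper that lets the outcome be tested.

```python
# Added example (not from the original page): a BOLA-vulnerable account
# lookup next to a hardened one. The in-memory store, ids and names below
# are constructed for illustration only.

from dataclasses import dataclass


@dataclass(frozen=True)
class Account:
    account_id: int
    owner_id: int
    balance: float


# Constructed sample data: two users, each owning exactly one account.
ACCOUNTS = {
    101: Account(account_id=101, owner_id=1, balance=2500.00),
    102: Account(account_id=102, owner_id=2, balance=90.00),
}


class NotFound(Exception):
    """Raised for a missing object; also used for objects the caller may not see,
    so the response does not reveal which account ids exist."""


def get_account_vulnerable(current_user_id: int, account_id: int) -> Account:
    """BOLA-vulnerable handler.

    The session is authenticated (current_user_id is known), but the
    client-supplied account_id is trusted as-is: any logged-in user can
    read any account simply by changing the id in the request.
    """
    acct = ACCOUNTS.get(account_id)
    if acct is None:
        raise NotFound(account_id)
    return acct  # ownership never checked


def get_account_secure(current_user_id: int, account_id: int) -> Account:
    """Hardened handler: object-level authorization.

    The object is looked up, then the caller's identity is compared with the
    object's owner before anything is returned. A 'not yours' case is
    answered exactly like a 'does not exist' case to avoid id enumeration.
    """
    acct = ACCOUNTS.get(account_id)
    if acct is None or acct.owner_id != current_user_id:
        raise NotFound(account_id)
    return acct


def can_read(handler, current_user_id: int, account_id: int) -> bool:
    """Return True if the handler hands the account to this caller.

    Used to compare the two handlers on the same request.
    """
    try:
        handler(current_user_id, account_id)
        return True
    except NotFound:
        return False


if __name__ == "__main__":
    # User 1 requests user 2's account (id 102).
    print("vulnerable handler leaks account 102 to user 1:",
          can_read(get_account_vulnerable, 1, 102))   # True
    print("secure handler leaks account 102 to user 1:",
          can_read(get_account_secure, 1, 102))       # False
    print("secure handler serves user 1's own account:",
          can_read(get_account_secure, 1, 101))       # True
```

The authorization check lives in the handler that serves the object, not in the client or in the URL structure; a predictable or guessable id is not the vulnerability, the missing ownership comparison is.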
References
https://t.co/x43GFYMak4