The following example shows how an attacker could use a stolen users ID and password to access their bank account:
A malicious user steals a valid users credentials from a compromised website, then uses those credentials on the banks mobile app or online banking site. The attacker is able to log into the victim’s account because they have stolen their username and password. Now, let’s say that this victim has linked their bank accounts with another service provider (e.g., Amazon)
https://t.co/x43GFYMak4