A credential stuffing attack is where an attacker uses a list of compromised user names and passwords to try to hack into different systems in the hope (often justified) that a user has used the same password on different sites. This is why you should always use different passwords on different sites.