Hackers breached Password Manager accounts of NortonLifeLock


By MYBRANDBOOK


Hackers breached Password Manager accounts of NortonLifeLock

Gen Digital, formerly Symantec Corporation and NortonLifeLock, has warned customers about a data breach, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks.

 

The attacks did not result from a breach on the company but from account compromise on other platforms. The firm said, “Our own systems were not compromised. However, we strongly believe that an unauthorized third party knows and has utilized your username and password for your account. This username and password combination may potentially also be known to others.”

 

More specifically, an attacker used username and password pairs they bought from the dark web to attempt to log in to Norton customer accounts. NortonLifeLock highlights that the risk is especially large for those who use similar Norton account passwords and Password Manager master keys, allowing the attackers to pivot more easily.

 

The firm detected “an unusually large volume” of failed login attempts in mid-December last year, indicating credential stuffing attacks where threat actors try out credentials in bulk. After a week, the company had completed its internal investigation, which revealed that the credential stuffing attacks had successfully compromised an undisclosed number of customer accounts.

 

The company says it has reset Norton passwords on impacted accounts to prevent attackers from gaining access to them again in the future and also implemented additional measures to counter the malicious attempts. NortonLifeLock also advised customers to enable two-factor authentication to protect their accounts and take up the offer for a credit monitoring service.

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org