Pierluigi Paganini
January 13, 2023
Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton Password Manager accounts in credential-stuffing attacks. The company detected an unusually large volume of failed logins to customer accounts on December 12, 2022, and launched an investigation to determine what has happened.
“We quickly took steps to investigate,and on around December 22, 2022, we determined that, beginning around December 1, 2022, an unauthorized third party had used a list of usernames and passwords obtained from another source, such as the dark web, to attempt to log into Norton customer accounts.” reads the data breach notice sent to the customers. “Our own systems were not compromised. However, we strongly believe that an unauthorized third party knows and has utilized your username and password for your account. This username and password combination may potentially also be known to others.”
The company pointed out that its systems were not compromised, the credentials used in the attack may have been obtained from another source. NortonLifeLock has yet to disclose the number of impacted customers.
Threat actors had access to Password Manager accounts and may have viewed account info, including first name, last name, phone number, and mailing address.
“Our records indicate that you utilize our Norton Password Manager feature and, we cannot rule out that the unauthorized third party also obtained details stored there especially if your Password Manager key is identicaI or very similar to your Norton account password.” continues the notice.
Accounts with similar Norton account passwords and Password Manager master keys are very exposed.
In response to the incident, NortonLifeLock has reset Norton passwords on impacted accounts and announced the implementation of additional measures to secure the accounts.
NortonLifeLock recommends customers enable 2FA for their accounts, it is also offering a free credit monitoring service.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Password Manager)
[adrotate banner=”5″]
[adrotate banner=”13″]
