Gen Digital (formerly Symantec Corporation and NortonLifeLock) is now sending customers data breach notifications informing them that hackers successfully breached Norton Password Manager accounts through credential-stuffing attacks.
A sample of the letter was shared with the Office of the Vermont Attorney General. It indicates that the attacks did not result from a breach at the company, but from account compromises on other platforms.
“Our systems weren’t compromised. We strongly believe, however, that an unauthorised third party has used your password and username for your account,” NortonLifeLock said.
“This password and username combination could potentially also be known by others.”
The notice also explains that an attacker attempted to log in to Norton customer accounts using username and password combinations purchased on the dark web.
According to the firm, there was “an unusually high volume” of unsuccessful login attempts on December 12th, 2022. This indicates credential stuffing, in which threat actors try credentials in bulk.
The company’s internal investigation had been completed by December 22nd, 2022. It revealed that credential stuffing had resulted in the compromise of an unknown number of accounts.
The unauthorized person may have seen your name, your last name and your mailing address when they accessed your account using your username or password — NortonLifeLock
The Norton Password Manager notice alerts customers that attackers may have gained access to private vaults.
This could result in the loss or compromise of online assets and the exposure of secrets, depending on how users store their data.
NortonLifeLock emphasizes that the risk is high for people who use similar passwords for their Norton account and their Password Manager master key, since this allows attackers to pivot easily.
According to the company, it reset Norton passwords for impacted accounts in order to stop attackers from getting access again. It also took additional steps to combat malicious attempts.
NortonLifeLock advises its customers to use two-factor authentication in order to secure their accounts, and to take advantage of the credit monitoring service offered by NortonLifeLock.
The company has yet to release the number of individuals who were affected by the incident. BleepingComputer reached out to NortonLifeLock. We’ll update this post as soon as we hear back.