Over 6000 Norton LifeLock affected by a data breach

Posted on January 16, 2023 at 4:09 PM

Over 6000 Norton LifeLock affected by a data breach

Thousands of customers of Norton LifeLock have been affected by a data breach that compromised their accounts. The attacks enabled the threat actors to access customer password managers according to the details revealed by Gen Digital, the parent company of Norton LifeLock.

Gen Digital customers affected by a data breach

Gen Digital sent out a notice to customers saying that the most likely cause of the data breach was a credential-stuffing exploit. In this attack, the exposed credentials are used to gain unauthorized access to customer accounts at different sites and services where the same password is used. The attack does not include compromising systems.

Norton LifeLock usually recommends that users adopt two-factor authentication to prevent such types of attacks from happening. This authentication process prevents the attacker from accessing accounts by simply using their passwords, as they will have to authenticate their ownership of these accounts using other methods.

In the notice, the company reported that it had detected that threat actors had started compromising accounts around December 1. The attacks started two weeks before the company’s systems detected a “large volume” of failed logins into customer accounts. The high volume triggered the company to inquire about what was happening.

The data breach notice further said, “in accessing your account with your username and password, the unauthorized third party may have viewed your first name, last name, phone number, and mailing address.”

The company sent out this notice to customers who believe it used its password manager feature. The company has said that there was a possibility that hackers had accessed the passwords that customers had saved.

Gen Digital said that it sent out breach notices to around 6,450 customers. These are customers whose accounts were compromised because of the breach. The company also said that its systems were not compromised because of the breach and were safe and operational.

Nevertheless, in today’s world, threat actors use credentials stolen through another breach. These credentials can be found on the dark web and are used to automate attacks that can later be used to access unrelated accounts. Therefore, the company was taking measures to ensure that the customers whose accounts were affected remained safe.

Besides notifying the customers affected by the breach, Gen Digital also urged them to change their passwords to ensure that another breach would not happen. The company has also taken “additional measures” to protect the customers.

Increased threat on password managers

This security breach happened a few weeks after LastPass US LLP reported a similar exploit. The latter is one of the leading competitors of Gen Digital when it comes to password management.

The breach on LastPass happened after another hacking attack against the company in August last year. The password management company said that threat actors used technical information stolen in August to conduct the second breach. The hackers’ goal was to access the cloud storage environment of LastPass.

During this breach, the hackers stole various customer details, including usernames and billing addresses. They also accessed an encrypted backup copy of the login details that the LastPass password manager stores in its systems.

The company has also said that the encrypted backup copy that the hackers stole could not be decrypted. The copy could only be accessed using users’ account passwords, but these ones were not affected by the exploit. Nevertheless, the breach led to millions of customer encrypted password vaults being stolen.

In 2021, Passwordstate, another company behind one of the most popular password managers, was also hacked. The hack resulted in the company sending out a malicious software update to its customers, which allowed the threat actors to gain access and steal customer passwords.

The increase in the number of breaches facing software companies has been a concern, given that gaining unauthorized access to these firms could result in customers losing access to their accounts. The hacks could also result in more breaches.

Nevertheless, password managers are usually recommended by security experts. They are used to generate and store unique passwords as long as the users have taken precautionary measures. Additionally, those who use password managers are urged to have protections in place that will limit the effects of a breach if it happens, such as what happened with LastPass and other password managers. 

Over 6000 Norton LifeLock affected by a data breach
Article Name
Over 6000 Norton LifeLock affected by a data breach
Thousands of Gen Digital customer accounts have been breached in an exploit. The breach affected more than 6,000 customers. Attacks targeting password managers are on the rise.
Publisher Name
Publisher Logo

Share this:

Related Stories:


Get the latest stories straight
into your inbox!


Discover more from KoDDoS Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading