Norton LifeLock says thousands of customer accounts breached • TechCrunch

Thousands of Norton LifeLock customers had their accounts compromised in recent weeks, allowing criminal hackers to gain access to their password managers, a recent data breach notification reveals.

In a notice to customers, Norton LifeLock’s parent company, Gen Digital, said the likely culprit was a credential stuffing attack. This is an attack that uses previously exposed or compromised credentials to break into accounts on various sites and services that share the same password. Rather than compromising the system. That’s why two-factor authentication for her, provided by Norton LifeLock, is recommended because it blocks attackers from accessing someone’s account with just a password.

The company said the intruder was found to have compromised accounts as far back as December 1, nearly two weeks before the system detected a “massive” of failed logins to customer accounts on December 12. That was it.

“When you used your username and password to access your account, an unauthorized third party may have viewed your first name, last name, phone number, and mailing address,” the data breach notice states. It is listed. The company sent notifications to customers it believed were using password manager features, as it could not rule out the possibility that the intruder also accessed the customers’ saved passwords.

Gen Digital said it has sent notifications to about 6,450 customers whose accounts have been compromised.

NortonLifeLock provides identity protection and cybersecurity services. This is the latest incident regarding the recent theft of customer passwords. Earlier this year, password manager giant LastPass confirmed a data breach in which an intruder compromised his cloud storage and stole the encrypted password vaults of millions of customers. In 2021, the company behind a popular enterprise password manager called Passwordstate was hacked, pushing tainted software updates to his customers, allowing cybercriminals to steal their passwords.

That said, security experts continue to rely on password managers to generate and store unique passwords, as long as appropriate precautions and protections are taken to limit the impact in the event of a breach. Widely recommended.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *