Using strong passwords is key to keeping data safe online and maintaining a secure online presence. The thing is, not everyone understands that, and many people simply don't listen.
Gen Digital, formerly known as Symantec Corporation and NortonLifeLock, has been sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts using credential-stuffing attacks.
The attacks did not result from a breach of the company's systems, but from user accounts compromised on other platforms.
According to the notice by NortonLifeLock, in a post on the Office of the Vermont Attorney General's website:
"This username and password combination may potentially also be known to others."
More specifically, the notice explains that around December 1, 2022, an attacker used login credentials they bought from the dark web to attempt to log in to Norton customer accounts.
And apparently, they were successful.
The company detected "an unusually large volume" of failed login attempts on December 12, 2022, indicating credential stuffing attacks where threat actors started trying out credentials they stole in bulk.
NortonLifeLock said that its breach detection systems “alerted us that an unauthorized third party likely has knowledge of the email and password you have been using with your Norton account (login.norton.com) and your Norton Password Manager.”
And on December 22, 2022, after completing its internal investigation, the company revealed that the credential stuffing attacks had successfully compromised an undisclosed number of customer accounts.
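The signal described above, a burst of failed logins, can be told apart from ordinary typos and single-account brute force by counting distinct usernames per source. The following is an added example, not Norton's detection logic; the event format, thresholds and sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def detect_stuffing(events, window=timedelta(minutes=10), min_users=20,
                    max_tries_per_user=2.0, min_fail_ratio=0.9):
    """Flag sources that try many accounts a few times each and mostly fail.

    events: iterable of (timestamp, source_ip, username, succeeded) tuples.
    Thresholds are assumed values; tune them against real traffic.
    """
    buckets = defaultdict(list)
    for ts, ip, user, ok in events:
        # Fixed, non-overlapping time buckets per source address.
        buckets[(ip, (ts - datetime.min) // window)].append((user, ok))
    findings = []
    for (ip, _), rows in sorted(buckets.items()):
        users = {u for u, _ in rows}
        fails = sum(1 for _, ok in rows if not ok)
        if (len(users) >= min_users
                and len(rows) / len(users) <= max_tries_per_user
                and fails / len(rows) >= min_fail_ratio):
            # Logins that succeeded inside a flagged burst are the accounts
            # whose passwords should be reset.
            findings.append({"ip": ip, "attempts": len(rows),
                             "accounts": len(users),
                             "to_reset": sorted({u for u, ok in rows if ok})})
    return findings

def sample_events():
    """Constructed log data; addresses come from documentation ranges."""
    t0 = datetime(2022, 12, 12, 9, 0, 0)
    ev = []
    for i in range(40):   # 40 accounts, one try each, two hits: stuffing
        ev.append((t0 + timedelta(seconds=5 * i), "203.0.113.7",
                   f"user{i}@example.com", i in (11, 29)))
    for i in range(4):    # one user mistyping, then logging in: benign
        ev.append((t0 + timedelta(seconds=20 * i), "198.51.100.4",
                   "alice@example.com", i == 3))
    for i in range(30):   # 30 failures on one account: brute force
        ev.append((t0 + timedelta(seconds=3 * i), "192.0.2.55",
                   "bob@example.com", False))
    return ev

if __name__ == "__main__":
    for finding in detect_stuffing(sample_events()):
        print(finding)
```

Only the first source is flagged: it touches 40 accounts once each with a 95% failure rate, while the mistyped password and the single-account brute force both involve one username.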
Making things worse, when the hackers managed to compromise the accounts they targeted, according to Norton, "the unauthorized third party may have viewed your first name, last name, phone number, and mailing address."
A spokesperson for the company said that:
The alert warns users of the Norton Password Manager function that the attackers
Depending on what users keep in their accounts, this could lead to additional online accounts being compromised, the loss of digital assets, the disclosure of secrets, and more.
NortonLifeLock emphasizes that the risk is particularly high for users whose Norton account password and Password Manager master key are similar, because that makes it easier for attackers to pivot from one to the other.
The company said that it has changed the Norton passwords on affected accounts in order to prevent attackers from obtaining access to them again in the future.
The company also said that it put additional safeguards in place to thwart the fraudulent attempts.
To prevent any similar attacks in the future, NortonLifeLock suggests that users enable two-factor authentication and accept the offer of a credit monitoring service.
While the company didn't disclose the number of affected users, it is said that around 500 million consumers purchased goods and services using Gen Digital’s array of companies.
It's estimated that the attack affected at least 925,000 accounts, both active and dormant.