NortonLifeLock Unlocked, Making Life Worse For Their Customers

Source: Bleeping Computer NortonLifeLock Unlocked, Making Life Worse For Their Customers

Living The Bad Life

Continuing the trend of password managers being compromised, if you are a NortonLifeLock user you have already received, or are about to receive, notification that they have been breached badly.

Via Bleeping Computer:

Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks.

Unfortunately the breach happened in early December, and we are just finding out about it now. While Norton did reset the passwords of all effected accounts, the attackers likely harvested customers first name, last name, phone number, and mailing address.  It is also not unthinkable that those who use Norton may use similar passwords on other accounts, which will be vulnerable until those passwords are updated.

Bleeping Computer reached out to Norton in the hopes of finding out the total number of breached accounts but have yet to hear back.  It is also unclear as to how the attackers were able to garner the actual passwords and not just the hashes.  That, if nothing else, should make you think again about using Norton products.

Update, 01/14/23: A Gen spokesperson has responded to PC Perspective with the following statement:

Our top priority is to help our customers secure their digital lives. Our security team identified a high number of Norton account login attempts indicating credential-stuffing attacks targeting our customers’ accounts, and we are working to help our customers secure their accounts and personal information. Systems have not been compromised, and they are safe and operational, but as is all too commonplace in today’s world for bad actors to take credentials found elsewhere, like the Dark Web, and create automated attacks to gain access to other unrelated accounts. Given the prevalence of login credentials available to bad actors today, it is extremely difficult to ascertain any individual or the combined sources of data that were utilized. We do our best to encourage everyone to practice good password hygiene – strong, unique, complex passwords to help defend their accounts and personal data.

We have been monitoring closely, flagging accounts with suspicious login attempts and proactively requiring those customers to reset their passwords upon login along with additional security measures to protect our valued customers. We continue to work closely with our customers to help them secure their accounts and personal information.

Video News

About The Author

Jeremy Hellstrom

Call it,, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.


  1. Stuart

    This article was clearly written by someone who got a push notification and did no further research. Comparing this to the LastPass hack is lazy at best and disingenuous at worst. With LastPass, it was their own system that got breached and they handled it absolutely atrociously. From leaving data unencrypted that should’ve been encrypted to holding information back and telling customers there was nothing they needed to do, it was handled in basically the worst possible way. In this case someone bought a list of usernames and passwords from a different hack and tried to use them to see if they would work. Comparing these two situations is like comparing a valet who left all the cars unlocked and half of them got stolen with a valet who locked the cars like normal but 2 or 3 customers left copies of their keys laying around the event and a couple of cars ended up getting stolen anyway. Apples and Oranges are honestly not different enough to describe the differences between these two hacks.

    • James

      Curious. Why did you say”Comparing this to the Lastpass hack…” Neither this article or the Bleeping Computer article compared it to Lastpass. I read both articles twice and did not even see a mention of Lastpass, much less a comparison.

      • Jeremy Hellstrom

        Was wondering that myself.

  2. psuedonymous

    “It is also unclear as to how the attackers were able to garner the actual passwords and not just the hashes.”

    Because for a password manager to function for its intended purpose, plaintext passwords must by definition be accessible.


Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!