Living The Bad Life
Continuing the trend of password managers being compromised, if you are a NortonLifeLock user you have already received, or are about to receive, notification that they have been breached badly.
Via Bleeping Computer:
Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks.
Unfortunately the breach happened in early December, and we are just finding out about it now. While Norton did reset the passwords of all effected accounts, the attackers likely harvested customers first name, last name, phone number, and mailing address. It is also not unthinkable that those who use Norton may use similar passwords on other accounts, which will be vulnerable until those passwords are updated.
Bleeping Computer reached out to Norton in the hopes of finding out the total number of breached accounts but have yet to hear back. It is also unclear as to how the attackers were able to garner the actual passwords and not just the hashes. That, if nothing else, should make you think again about using Norton products.
Update, 01/14/23: A Gen spokesperson has responded to PC Perspective with the following statement:
Our top priority is to help our customers secure their digital lives. Our security team identified a high number of Norton account login attempts indicating credential-stuffing attacks targeting our customers’ accounts, and we are working to help our customers secure their accounts and personal information. Systems have not been compromised, and they are safe and operational, but as is all too commonplace in today’s world for bad actors to take credentials found elsewhere, like the Dark Web, and create automated attacks to gain access to other unrelated accounts. Given the prevalence of login credentials available to bad actors today, it is extremely difficult to ascertain any individual or the combined sources of data that were utilized. We do our best to encourage everyone to practice good password hygiene – strong, unique, complex passwords to help defend their accounts and personal data.
We have been monitoring closely, flagging accounts with suspicious login attempts and proactively requiring those customers to reset their passwords upon login along with additional security measures to protect our valued customers. We continue to work closely with our customers to help them secure their accounts and personal information.