Customers who purchased products from Gen Digital, formerly Symantec Corporation and NortonLifeLock, are receiving notices about data breaches after successful credential-stuffing attacks on Norton Password Manager accounts.
According to a sample letter given to the Office of the Vermont Attorney General, the attacks were the consequence of account compromises on other platforms rather than a breach on the company’s end.
“Our own systems were not compromised. However, we strongly believe that an unauthorized third party knows and has utilized your username and password for your account,” explained NortonLifeLock.
“This username and password combination may potentially also be known to others.”
More specifically, the notification states that some time around December 1, 2022, an attacker attempted to log in to Norton customer accounts using username and password combinations purchased on the dark web.
On December 12, 2022, the company discovered “an unusually large volume” of unsuccessful login attempts, which indicated a credential-stuffing attack, in which threat actors test credentials en masse. The company’s internal investigation was finished by December 22, 2022, and it showed that the credential-stuffing attacks had successfully compromised an unspecified number of customer accounts.
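The signal described above, a burst of failed logins spread across many accounts, can be checked for in authentication logs. The following is an added example, not code from Norton or from the notification: the log format, the thresholds and the function names are assumptions, and the log lines are constructed. It flags sources that fail against many distinct accounts and lists the accounts those sources did log in to, which are the ones needing a password reset.

```python
from collections import defaultdict

# Constructed sample auth log (assumed format): timestamp source_ip username result
SAMPLE_LOG = """\
2022-12-12T10:00:01Z 203.0.113.7 user1@example.com FAIL
2022-12-12T10:00:02Z 203.0.113.7 user2@example.com FAIL
2022-12-12T10:00:03Z 203.0.113.7 user3@example.com FAIL
2022-12-12T10:00:04Z 203.0.113.7 user4@example.com OK
2022-12-12T10:00:05Z 203.0.113.7 user5@example.com FAIL
2022-12-12T10:00:06Z 203.0.113.7 user6@example.com FAIL
2022-12-12T10:01:00Z 198.51.100.20 bob@example.com FAIL
2022-12-12T10:01:01Z 198.51.100.20 bob@example.com FAIL
2022-12-12T10:01:02Z 198.51.100.20 bob@example.com FAIL
2022-12-12T10:02:00Z 192.0.2.5 carol@example.com FAIL
2022-12-12T10:02:30Z 192.0.2.5 carol@example.com OK
truncated line without enough fields
"""

def parse(log):
    """Yield (source_ip, username, success) for each well-formed line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            continue  # skip malformed or truncated lines
        yield parts[1], parts[2], parts[3] == "OK"

def analyze(log, min_accounts=5, min_fail_ratio=0.8):
    """Return (suspect_sources, accounts_to_reset).

    Credential stuffing shows up as one source trying many *distinct*
    accounts with a high failure ratio. A source hammering a single
    account (brute force) or a user mistyping once is not flagged.
    """
    users, hits = defaultdict(set), defaultdict(set)
    fails, total = defaultdict(int), defaultdict(int)
    for ip, user, ok in parse(log):
        users[ip].add(user)
        total[ip] += 1
        if ok:
            hits[ip].add(user)  # a guessed pair that actually worked
        else:
            fails[ip] += 1
    suspects = {ip for ip in total
                if len(users[ip]) >= min_accounts
                and fails[ip] / total[ip] >= min_fail_ratio}
    to_reset = set().union(*(hits[ip] for ip in suspects))
    return suspects, to_reset
```

Attackers commonly spread attempts over many source addresses, so the same counting is often keyed on other request attributes as well as the IP address.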
NortonLifeLock emphasizes the high risk
The alert warns users of the Norton Password Manager feature that the attackers may have obtained data kept in their private vaults. Depending on what individuals keep in their accounts, this might result in additional online accounts being compromised, the loss of digital assets, the disclosure of secrets, and more. NortonLifeLock emphasizes that the risk is particularly high for users whose Norton account password and Password Manager master key are similar, because that makes it easier for attackers to pivot.
The company says it has reset the Norton passwords on affected accounts to stop attackers from regaining access to them and has also put additional safeguards in place to thwart the fraudulent attempts.
To secure their accounts, NortonLifeLock also suggests that customers enable two-factor authentication and accept the offer of a credit monitoring service. The exact number of people affected by this incident has not yet been disclosed by the company.
500 million consumers purchased goods and services
About 500 million consumers can purchase goods and services from Gen’s family of companies. The company has safeguarded 925,000 accounts, both active and dormant, that might have been the target of credential-stuffing attacks.
A spokesperson explained, “Our top priority is to help our customers secure their digital lives. Our security team identified a high number of Norton account login attempts indicating credential-stuffing attacks targeting our customers, and we quickly took a variety of actions to help secure our customer’s accounts and their personal information. Systems have not been compromised, and they are safe and operational, but as is all too commonplace in today’s world for bad actors to take credentials found elsewhere, like the dark web, and create automated attacks to gain access to other unrelated accounts.”