
Hot potato: Security firm Gen Digital, formerly Symantec and NortonLifeLock, is sending security alerts to customers of its Norton Password Manager service. According to the company, Norton accounts might have been accessed by an unauthorized third party, not through a vulnerability in its systems, but through a credential stuffing attack.
Credential stuffing is a type of attack in which malicious actors collect large numbers of stolen credentials, typically including usernames, emails, and/or passwords from earlier data breaches at other services. Hackers use these stolen credentials to try to gain unauthorized access to user accounts on other platforms (assuming users have reused the same password) by performing mass automated login attempts against web or remote applications.
Using two-factor authentication generally helps prevent the kind of attack NortonLifeLock describes because it prevents hackers from accessing accounts using only a password.
NortonLifeLock completed an internal investigation on or about December 22, 2022 and found an “unusually high volume” of failed login attempts to customer accounts on December 12, 2022. The investigation determined that beginning around December 1, 2022, malicious actors had been using a list of usernames and passwords obtained from other sources, such as illicit marketplaces on the “dark web.”
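The signal described above, a burst of failed logins produced by replaying a credential list, can be looked for in authentication logs. The following is an added example, not code from Norton or the original article; the log format, function names and thresholds are assumptions, and the log lines are constructed.

```python
from collections import defaultdict

# Constructed sample log (not real data). Assumed format:
# timestamp, outcome (OK/FAIL), user=<name>, ip=<source address>
SAMPLE_LOG = """\
2022-12-12T10:00:01Z FAIL user=alice ip=203.0.113.5
2022-12-12T10:00:02Z FAIL user=bob ip=203.0.113.5
2022-12-12T10:00:03Z FAIL user=carol ip=203.0.113.5
2022-12-12T10:00:04Z FAIL user=dave ip=203.0.113.5
2022-12-12T10:00:05Z OK user=erin ip=203.0.113.5
2022-12-12T10:00:06Z FAIL user=frank ip=203.0.113.5
2022-12-12T10:05:00Z FAIL user=alice ip=198.51.100.7
2022-12-12T10:05:09Z FAIL user=alice ip=198.51.100.7
2022-12-12T10:05:20Z OK user=alice ip=198.51.100.7
2022-12-12T10:06:00Z OK user=bob ip=192.0.2.9
""".splitlines()


def parse(line):
    """Split one log line into (outcome, username, source_ip)."""
    _ts, outcome, user, ip = line.split()
    return outcome, user.split("=", 1)[1], ip.split("=", 1)[1]


def analyze(lines, min_users=5, min_fail_ratio=0.8):
    """Return (flagged_sources, accounts_to_reset).

    A source is flagged when it tries many distinct usernames and mostly
    fails: the shape of a replayed credential list, unlike a user who
    mistypes one password. Thresholds are illustrative assumptions.
    """
    users, wins = defaultdict(set), defaultdict(set)
    fails, total = defaultdict(int), defaultdict(int)
    for line in filter(str.strip, lines):
        outcome, user, ip = parse(line)
        users[ip].add(user)
        total[ip] += 1
        if outcome == "FAIL":
            fails[ip] += 1
        else:
            wins[ip].add(user)  # a reused password worked here
    flagged = sorted(ip for ip in total if len(users[ip]) >= min_users
                     and fails[ip] / total[ip] >= min_fail_ratio)
    # Accounts a flagged source logged in to are the ones to reset and notify.
    return flagged, sorted({u for ip in flagged for u in wins[ip]})


if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

The legitimate user who mistypes a password twice (198.51.100.7) is not flagged, because only one username is involved.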
A notification of the security breach was sent to Norton customers stating that they have a “strong belief that an unauthorized third party knew and used your account username and password.” The Arizona-based company said 925,000 “inactive and active” Norton accounts might have been the target of a credential stuffing attack.
Once a login attempt is successful, cybercriminals might have seen “your first name, last name, phone number and mailing address,” warns NortonLifeLock. For customers using Norton Password Manager, Norton says it cannot rule out the possibility that other details and data stored there may have been compromised, “especially if your Password Manager key is identical or similar to your Norton account password,” the company warned.
To protect users and avoid further credential stuffing attacks, NortonLifeLock reset affected Norton accounts and took “a number of measures” to counter the hackers’ efforts. The company strongly encourages users to turn on two-factor authentication and offers free credit monitoring services (Equifax, Experian, or TransUnion) to affected users.
Norton also recommends that all users urgently change the passwords for all accounts they have stored in password managers. Password hygiene is essential, so users should change their passwords regularly, avoid using the same password more than once, and only use unique and complex passwords, says NortonLifeLock.