The password management service suffered a data breach in its master code in August 2022 but didn’t reveal the extent of the incident until December, when it confirmed data from up to 25 million customers had been compromised. News of the Norton LifeLock breach comes weeks after a class action law suit was launched against LastPass for failing to disclose the extent of a cyberattack. It has reset the passwords on impacted accounts to prevent customers from being illegally accessed again. This makes it easy for criminals pivoting from one account to another, the company said. The worst impacted will be those who’s password manager master keys and Norton account passwords were similar. “In accessing your account with your username and password, the unauthorised third party may have viewed your first name, last name, phone number and mailing address,” the company said.Ĭustomers who have been breached may have had data in their private vaults exposed. Norton LifeLock sent breach notices to a total of 6,450 account holders. This username and password combination may potentially also be known to others.” But, it said, “we strongly believe that an unauthorised third party knows and has utilised your username and password for your account. The company’s systems “were not compromised,” according to a statement issued as part of a data breach notice.
Incidents have been reported stretched as far back as December 1 last year. (Photo by monticello/Shutterstock) Thousands of Norton Password Manager accounts breachedĪ statement from Gen Digital, Norton LifeLock’s parent company, said customers have experienced credential stuffing attacks in recent weeks. Customers of Norton Password Manager breached in credential stuffing attack. Password managers offer widely varying levels of security, experts told Tech Monitor, and it is important customers research their chosen solution thoroughly. The breach comes hot on the heels of the successful attack on another password manager service LastPass, which brings the security of such platform – designed to safeguard personal information – into question. More than 6,000 Norton LifeLock customers may have suffered credential stuffing attacks, compromising their personal data.
0 kommentar(er)
