According to a report obtained from BleepingComputer, users of NortonLifeLock are being alerted that their accounts for Norton Password Manager are being broken into by hackers. These attacks are being carried out through the compromise of users’ accounts on other platforms.
Users of NortonLifeLock are informed via notifications that hackers are successfully accessing their Norton Password Manager accounts. On the other hand, it has been stated that the attacks were brought about not by poor security in the Norton Password Manager systems themselves but rather by means of a third-party platform.
According to a sample letter that was provided to the Office of the Vermont Attorney General, it has been determined that the attacks were not the result of a security breach on the company’s end but rather of account compromises on other platforms.
“Our own systems were not compromised. However, we strongly believe that an unauthorized third party knows and has utilized your username and password for your account,” NortonLifeLock said.
“This username and password combination may potentially also be known to others.”
To be more explicit, the notification indicates that an attacker made an attempt to hack into Norton customer accounts around December 1, 2022, using the username and password pairs that they had purchased from the dark web.
On December 12, 2022, the company discovered “an unusually large volume” of failed login attempts, which indicated brute-force password attacks, in which threat actors test out credentials in large volumes.
On December 22, 2022, the company finished its internal investigation, which indicated that the credential stuffing attacks had successfully compromised an unknown number of users’ accounts.
Users receive a warning in the notification that attackers may have accessed details stored in private vaults, which might lead to further compromises if the vulnerability is exploited. The first name, last name, phone number, and mailing address associated with the account may have also been viewed by the hackers.
Since the assault, Norton has advised users to install two-factor authentication on their accounts and has reset the passwords of all accounts that were affected by it. In addition, the company has implemented new security measures to ward off future attacks. In addition to that, it provides access to a credit monitoring service.
Users of NortonLifeLock are encouraged to take advantage of the company’s offer of a credit monitoring service and to set up two-factor authentication as an additional layer of account security.
The most recent incident concerning password locker services that has come to the public’s attention involves NortonLifeLock.
In spite of the fact that the number of compromised accounts has not been disclosed, a statement issued by the parent company of NortonLifeLock, Gen Digital, indicated that about 925,000 active and inactive accounts may have been the target of the attack.