![]() The hackers were able to successfully guess at those weak passwords and access the user's Norton account and password manager,” he said. “The attack here seems to be that users self-created and used weak passwords to protect their Norton logon account that also protected their Norton password manager. KnowBe4’s Roger Grimes noted that the irony of the situation is that if the victimized users deployed their password manager to create strong passwords on their Norton login account, they may have been protected. Password managers and account access tools have been a ripe target for hackers in recent years, with both LastPass and Okta facing breaches. The company finished its investigation by December 22 and determined that the credential stuffing attacks had been successful for thousands of accounts. The attack started on December 1, the company said, with a large number of failed login attempts on December 12. A sample sent to the Office of the Vermont Attorney General warned customers that hackers accessed names, phone numbers and mailing addresses after using username and password pairs obtained from the dark web. The company shared similar information in breach notification letters sent to about 6,500 customers, according to TechCrunch. The spokesperson said they “took a variety of actions” to secure user accounts and personal information but would not elaborate. We continue to work with our customers to help them secure their accounts and personal information.” “We have been monitoring closely, flagging accounts with suspicious login attempts and proactively requiring those customers to reset their passwords upon login along with additional security measures to protect our customers. ![]() “Systems have not been compromised, and they are safe and operational, but as is all too commonplace in today’s world for bad actors to take credentials found elsewhere, like the Dark Web, and create automated attacks to gain access to other unrelated accounts,” a spokesperson said. The incident centered around Norton Password Manager users. ![]() Gen Digital – which owns Norton LifeLock and several other consumer cybersecurity brands – told The Record that 925,000 inactive and active accounts were locked down after their security team identified a high number of Norton account login attempts. Nearly one million active and inactive Norton LifeLock accounts have been targeted by credential stuffing attacks, according to a statement from the cybersecurity product’s parent company. If you have issues adding a device, please contact us.Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |