Ugh! Norton LifeLock password manager accounts accessed by hackers • Graham Cluley



What’s happened?

If you use Norton LifeLock as your password manager, your account may have been compromised.

Woah. What???

According to Bleeping Computer, Gen, the company behind Norton LifeLock (and other brands including Avast, Avira, AVG, ReputationDefender, and CCleaner), is sending data breach notifications to some of its customers warning that their accounts have been accessed following a credential-stuffing attack.

So Norton LifeLock got hacked?

I’d argue that’s an unfair way to describe what’s happened.

Norton LifeLock didn’t screw up anything like as badly as fellow password manager LastPass did in its recent horrendous hack.

In fact, in the notification being sent to affected Norton LifeLock customers, the company says:

“Our own systems were not compromised. However, we strongly believe that an unauthorized third party knows and has utilized your username and password for your account.”

But how did a hacker find out the username and password to so many people’s LifeLock accounts?

Credential-stuffing attacks take advantage of the fact that many people still make the mistake of reusing the same passwords in different places on the internet.

If one service gets breached and its password database stolen, hackers can fling those credentials at other online accounts – to see if they might unlock something desirable elsewhere.

When did this attack happen?

The company says that the unauthorised access to customer accounts began on December 1 2022, but things heated up considerably on December 12 when a “large volume” of failed account logins occurred.

What did the hackers access in Norton LifeLock accounts?

The data breach notification says that users’ names, phone numbers, and mailing addresses have been accessed, but TechCrunch reports that the company “cannot rule out that the intruders also accessed customers’ saved passwords.”

Gulp!

What can be done to stop this kind of attack?

Well, the first thing is to STOP REUSING PASSWORDS (Sorry for shouting, but I’ve been saying this for years…)

The other thing you can do is enable two-factor authentication (2FA) on your accounts, which adds an additional layer of protection even if your password…
