"Hackers Hijack NortonLifeLock Customer Accounts"

NortonLifeLock has recently told some customers that malicious third parties have likely accessed their accounts, potentially even reaching their password vaults.  The data breach notification sent out by the company stated that hackers have likely accessed some customers' Norton and Norton Password Manager accounts using username and password login combos.  However, the vendor, owned by Gen Digital, confirmed that these logins had not been obtained via a breach of its own IT environment.  The company stated that threat actors bought the login credentials from the dark web back in December 2022 and then tried them in "an unusually large volume" across Norton accounts.  The company noted that this would indicate a credential stuffing attack, in which hackers use automated software to try breached logins across multiple sites simultaneously in the hope that they have been reused.  The notice warned recipients that if their accounts had been accessed, the threat actors might have been able to view account holders' first and last names, phone numbers, and mailing addresses.  Even more serious is if those same bad actors managed to access password vaults containing logins to multiple other websites and accounts across the web.  A reported 6500 customers were impacted by the NortonLifeLock incident.  Gen Digital said it had been requiring customers whose accounts were subject to suspicious login attempts to reset their passwords and that it had rolled out "additional security measures."

Infosecurity reports: "Hackers Hijack NortonLifeLock Customer Accounts"