Norton LifeLock – the company that promises to keep you cybersafe – discovered an unauthorized third party trying to log into a large swath of customer accounts.
The company is urging customers to change their passwords or risk being compromised.
Norton's legally required data breach notification was posted on the Office of the Vermont Attorney General’s webpage Friday afternoon.
The security software company first became aware of the incident on December 12, when intrusion detection systems alerted security teams to unusual activity within the system.
This led them to realize that customer accounts had potentially been compromised.
Norton traced the incident back to December 1.
By December 22, the investigation concluded the third party most likely obtained the large collection of usernames and passwords from another source, such as the dark web.
“In assessing your account with your username and password, the unauthorized user third party may have viewed your first name, last name, phone number and mailing address.”
It’s the second high-profile password manager to be hacked in the past year, leaving many consumers wondering if the applications can really be trusted.
Popular password manager LastPass was hacked in 2022, causing its reputation to plummet among users.
Because the LifeLock plan comes with Norton’s Password Manager feature, the company warned customers the third-party user had most likely also stolen the usernames and passwords stored in their password vault.
Individual email addresses, often recycled for account usernames, would also be considered exposed, said Norton.
Once the company became aware of the mass login attempts, they “quickly reset all user passwords.”
Norton said its systems were never compromised during the attack.
Customers were urged to change all account passwords stored inside the password manager and to incorporate multi-factor authentication on their Norton accounts.
Vermont’s Data Breach Protection Law allows private companies up to 45 days to notify consumers if their personally identifiable information (PII) or login credentials have been potentially compromised in the event of a data breach.
The security firm is offering free credit monitoring to all its customers. Law enforcement is also involved in the investigation, said Norton.
Parent company: systems have not been compromised
Gen Digital, Norton LifeLock’s parent company, told Cybernews their security team identified a high number of Norton account login attempts indicating credential-stuffing attacks targeting their customers.
“Systems have not been compromised, and they are safe and operational, but as is all too commonplace in today’s world for bad actors to take credentials found elsewhere, like the Dark Web, and create automated attacks to gain access to other unrelated accounts,” a Gen spokesperson said.
The company assured it would continue to implement additional security protocols and technology to help defend against these attacks. Meanwhile, customers are encouraged to use strong, complex passwords unique to each account.
“We have secured 925k inactive and active accounts that may have been targeted by credential-stuffing attacks,” a Gen spokesperson said.
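A defender-side sketch of how mass login attempts like those described above can be picked out of authentication logs, and which accounts then need a forced password reset. It is an added illustration, not Norton's or Gen's detection logic; the log format, thresholds and function name are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict

# Constructed sample auth log (not real data): "<time> <source_ip> <username> <OK|FAIL>"
SAMPLE_LOG = """\
10:00:01 203.0.113.7 alice@example.com FAIL
10:00:01 203.0.113.7 bob@example.com FAIL
10:00:02 203.0.113.7 carol@example.com OK
10:00:02 203.0.113.7 dave@example.com FAIL
10:00:03 203.0.113.7 erin@example.com FAIL
10:00:03 203.0.113.7 frank@example.com FAIL
10:01:10 198.51.100.4 gina@example.com FAIL
10:01:15 198.51.100.4 gina@example.com FAIL
10:01:21 198.51.100.4 gina@example.com OK
10:02:00 192.0.2.10 hal@example.com OK
10:02:05 192.0.2.10 ivy@example.com OK
10:02:09 192.0.2.10 jo@example.com OK
10:02:14 192.0.2.10 kim@example.com OK
10:02:20 192.0.2.10 lee@example.com FAIL
10:02:31 192.0.2.10 lee@example.com OK
"""

def find_stuffing_sources(log_text, min_users=5, min_fail_ratio=0.7):
    """Flag sources that try many distinct accounts and mostly fail (assumed thresholds)."""
    users, succeeded = defaultdict(set), defaultdict(set)
    attempts, fails = defaultdict(int), defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _, ip, user, result = parts
        users[ip].add(user.lower())
        attempts[ip] += 1
        if result == "FAIL":
            fails[ip] += 1
        elif result == "OK":
            succeeded[ip].add(user.lower())
    report = {}
    for ip in users:
        ratio = fails[ip] / attempts[ip]
        if len(users[ip]) >= min_users and ratio >= min_fail_ratio:
            report[ip] = {
                "distinct_users": len(users[ip]),
                "fail_ratio": round(ratio, 2),
                "reset": sorted(succeeded[ip]),  # logins that worked: force a reset
            }
    return report

if __name__ == "__main__":
    print(find_stuffing_sources(SAMPLE_LOG))
```

The single-account retry pattern (198.51.100.4) and the shared address with mostly successful logins (192.0.2.10) are not flagged. A per-source threshold is only one signal and is normally combined with others, such as a site-wide spike in failed logins.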