Blog

January 19, 2023

Credential Stuffing Attack Strikes Norton LifeLock

Written By Securafy Team

Norton LifeLock, a leading provider of identity protection and cybersecurity services, recently experienced a data breach caused by a credential stuffing attack. 

Credential stuffing is a cyberattack in which a hacker uses previously compromised information from one account to access another account, website, or service. This highlights the risks of reusing passwords across accounts, making it easier for hackers to access personal information. 

Details of the Hack

The breach occurred on December 1 and was discovered on December 12 when IT staff witnessed an unusually large amount of incorrect login attempts. As a result, the hackers may have accessed sensitive credentials such as saved passwords, usernames, phone numbers, and email addresses of approximately 6450 Norton LifeLock customers. 

Despite security experts suggesting using different passwords for each account over the years, many password manager users have admitted to reusing passwords across multiple accounts. By reusing passwords, threat actors have a greater chance of obtaining personal information from other accounts. 

Norton LifeLock Response

In response to the hack, Norton LifeLock recommends that customers change their passwords and remain vigilant for any suspicious activity. They have also emphasized the importance of multi-factor authentication, including a security key or an authentication app, which can provide your business with an extra layer of security. In addition, Norton LifeLock stated that it is cooperating with law enforcement and will investigate security measures to prevent similar attacks in the future.

Impact on Businesses

The Norton LifeLock data breach is a reminder that even well-known and reputable companies can be victims of cyber attacks. Companies should be aware of potential vulnerabilities if they use the Norton LifeLock services or a similar password manager. Threat actors could use the information accessed during the data breach to target other accounts or launch phishing attacks against employees. 

The Norton LifeLock data breach reminds us of the growing prevalence of cyber threats. Therefore, it's essential for businesses to stay informed and take proactive measures to protect their sensitive information. These measures include changing passwords regularly, monitoring accounts for suspicious activity, and implementing additional security measures like two-factor authentication. By taking these steps, organizations can help ensure that their sensitive information remains protected.

Picture of Securafy Team
About The Author
Our team at Securafy brings you the best tech tips, from how-to guides and troubleshooting advice to software reviews and productivity hacks. We're all about empowering businesses with the tools and knowledge they need to thrive in the digital world. Follow our posts to stay equipped with practical insights that make tech work for you.

Subscribe to our newsletter

Sign up for our FREE "Cyber Security Tip of the Week!" and always stay one step ahead of hackers and cyber-attacks.