Just a couple of weeks after LastPass reported that hackers had stolen a copy of users’ encrypted password vaults, there is news of another password manager data breach. NortonLifeLock has just informed around 6,450 people that unauthorized individuals accessed their accounts, putting their Password Manager accounts in danger.
Gen Digital, the owner of NortonLifeLock, detected account breaches on December 12, 2021, after its breach detection system began generating alerts about a high number of unsuccessful login attempts. According to the investigation, LifeLock users’ accounts had been under a credential stuffing attack beginning on or about December 1, 2022.
NortonLifeLock reported that its systems remain secure and were not hacked; however, user accounts were exposed to unauthorized access. NortonLifeLock stated that the breached accounts included data such as first and last names, telephone numbers, and mailing addresses. NortonLifeLock could not confirm whether users’ Password Manager accounts were compromised, but could not rule out the possibility that the hackers verified users’ logon credentials and accessed the password vaults. This is more likely if users’ Password Manager keys were the same as their Norton account passwords.
A credential stuffing attack is an attack on accounts that involves trying username and password combinations taken from data breaches at unrelated services. Hackers compile password lists from several data breaches and attempt to use those credentials to access accounts on other platforms. These attacks rely on known username and password combinations, in the hope that users have reused that information on other platforms.
NortonLifeLock reset the passwords for all impacted accounts and implemented extra measures to defend against attempts by unauthorized third parties. Affected users were instructed to change their Norton passwords right away, along with the passwords of all their other accounts, including every password stored in the impacted users’ Password Manager accounts. Norton accounts with unique passwords were not impacted.
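As an added illustration (not code from NortonLifeLock or the original article), the following Python example shows the kind of check a breach detection system can run over login events: it flags a source that tries many distinct accounts with mostly failed logins, and lists the accounts that did log in from that source, which are the ones needing a password reset. The log format, thresholds, function names and sample entries are assumptions constructed for the example.

```python
from collections import defaultdict

# Constructed sample events: timestamp, source IP, username, outcome.
# IPs come from documentation ranges and the usernames are made up.
SAMPLE_LOG = """\
2022-12-01T10:00:01Z 203.0.113.7 alice@example.com FAIL
2022-12-01T10:00:02Z 203.0.113.7 bob@example.com FAIL
2022-12-01T10:00:03Z 203.0.113.7 carol@example.com OK
2022-12-01T10:00:04Z 203.0.113.7 dave@example.com FAIL
2022-12-01T10:00:05Z 203.0.113.7 erin@example.com FAIL
2022-12-01T10:00:06Z 203.0.113.7 frank@example.com OK
2022-12-01T10:01:00Z 198.51.100.20 grace@example.com FAIL
2022-12-01T10:01:05Z 198.51.100.20 grace@example.com FAIL
2022-12-01T10:01:09Z 198.51.100.20 grace@example.com OK
2022-12-01T10:02:00Z 192.0.2.44 heidi@example.com OK
"""

def parse(log):
    """Yield (source_ip, username, succeeded) for each non-empty log line."""
    for line in log.splitlines():
        if not line.strip():
            continue
        _ts, ip, user, outcome = line.split()
        yield ip, user, outcome == "OK"

def find_stuffing(log, min_accounts=5, min_fail_ratio=0.5):
    """Return {source_ip: accounts that logged in OK} for sources that look
    like credential stuffing: many distinct accounts, mostly failures.
    Thresholds are illustrative assumptions, not vendor values."""
    attempts = defaultdict(list)
    for ip, user, ok in parse(log):
        attempts[ip].append((user, ok))
    flagged = {}
    for ip, events in attempts.items():
        accounts = {user for user, _ in events}
        failures = sum(1 for _, ok in events if not ok)
        # A user mistyping a password hits ONE account repeatedly; stuffing
        # spreads breached credential pairs across MANY accounts.
        if len(accounts) >= min_accounts and failures / len(events) >= min_fail_ratio:
            flagged[ip] = sorted({user for user, ok in events if ok})
    return flagged

if __name__ == "__main__":
    for ip, accounts in find_stuffing(SAMPLE_LOG).items():
        print(ip, "-> reset passwords for:", ", ".join(accounts))
```

The source that retried a single account (198.51.100.20 in the sample) is deliberately not flagged, since repeated failures on one account are more consistent with a forgotten password than with reused breached credentials.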
Account breaches like this are very common and succeed because of bad password practices. Using a password manager can improve security, but it only works if password best practices are adopted. A password manager may hold all of the user’s account passwords, sensitive data including credit card information, and private files. Hence, it is important for the user to set a long, difficult, and unique password on the password manager and switch on two-factor authentication. It is highly recommended to use a passphrase with a minimum of 12 characters.