Gen Digital, formerly known as Symantec and later Norton LifeLock, says hackers attempted to compromise 925,000 accounts. This succeeded in an unknown number of victims, and personal data may have been stolen. The company advises victims to change their password and enable two-factor authentication.
Hackers may have stolen private information.
According to research by Gen Digital, the cyber attack occurred on December 12 last year. Employees saw an unauthorized party making numerous login attempts to Norton LifeLock customer accounts. The person in question had managed to get hold of login details. According to Gen Digital, this information was not obtained from the company. In his own words, this data came from “another source”, presumably the dark web.
Customers’ personal data may have been viewed during the cyber attack, although Gen Digital cannot say for sure now. This concerns first and last names, telephone numbers and email addresses, and the company cannot rule out that the attackers obtained credentials stored in Norton Password Manager.
“If the unauthorized party has viewed your data, it can make this data available to others or use a combination of your password and email address to log in to other online accounts,” Gen Digital writes in the letter to victims.
An unknown number of casualties
A company spokesperson confirmed to BleepingComputer that the attackers attempted to hack 925,000 active and inactive accounts through credential stuffing. A program automatically enters a combination of usernames and passwords until there is a match. In an unknown number of cases, the perpetrators managed to penetrate an account.
Gen Digital has reset the password of almost one million accounts to ensure that the perpetrators can no longer view personal data. The company also says it has taken “numerous measures” to prevent a recurrence. Victims are advised to change their NortonLifeLock account and password manager passwords. Especially if customers use the same password for multiple online services.
Two-factor authentication and strong passwords
The best way to protect an account is to activate two-factor authentication . An access code must also be entered in addition to a username and password. In fact, you add an extra layer of security to your online accounts. While no credit card or payment details have been stolen, Gen Digital offers victims a service that allows them to monitor spending on their checking accounts.
Finally, victims are advised to comply with the basic rules of cyber hygiene. By this, the company means that people should regularly change the password of their online accounts, not use the same password twice and develop strong passwords.
Find more articles here
Follow us on Facebook here