However, after analyzing the attack, the vendor strongly believes that an unauthorized third party knew and used the username and password for a number of user accounts account (namely, all NortonLifeLock user accounts where the username and password are evident from the lists used). There was also no vulnerability in its products. NortonLifeLock writes that its own systems were not attacked. Using this list, an attempt was made to log into Norton customer accounts. In this attack, the attacker uses a list of usernames and passwords obtained from another source, such as the dark web. But it was not until 10 days later, around December 22, 2022, that the first findings were made.Īn unauthorized third party had performed a credential stuffing attack on NortonLifeLock user accounts starting on December 1, 2022. Steps were immediately taken to analyze these events. On December 12, 2022, NortonLifeLock security staff discovered an unusually large number of failed logins to customer accounts.
It gets interesting when you know that this is the legal successor to Symantec Corporation and NortonLifeLock, which in turn bought antivirus manufacturers Avira and Avast, among others. The company's headquarters are in Tempe, in the state of Arizona and since the acquisition of Avast, Prague is a second headquarters. is a US developer of security software for home users. Colleagues here noticed this privacy incident notice from Gen Digital (NortonLifeLock). The NortonLifeLock warning about potential data access to Password Manager accounts was issued by the Vermont State Attorney General's office as of January 9, 2023.
0 kommentar(er)
