NortonLifeLock: Malicious attackers attempted to compromise 925,000 accounts
Gen Digital, also known as NortonLifeLock and formerly Symantec, says adversaries have attempted to compromise 925,000 accounts. This has been done in an unknown number. Attackers may have been able to get into users’ Norton Password Manager.
The attackers used the purchased passwords to compromise accounts and an unknown number of users did so, writes BleepingComputer. Users whose accounts have been attacked have had Gen Digital reset their passwords. The company itself says it has not been affected by a hack.
The attack appeared to begin on December 12, when there were many login attempts. Gen Digital then launched an investigation, which revealed that attackers had been logging in with presumably purchased passwords. Those passwords probably came from previous hacks and leaked databases.
Some users also use the Norton Password Manager to store passwords. If the leaked password was the same or very similar to the ‘master password’ for the password manager, then attackers may have been able to use it as well. Gen Digital has affected users notified by letter.