Data Breach

Norton LifeLock Data Breach

925K records exposed • December 2022

A company that sells identity protection got hacked. Attackers used passwords stolen from other breaches to log into Norton accounts and potentially access the passwords stored inside.

What Happened

Norton LifeLock notified customers that attackers used credential stuffing to access accounts. The irony of a security company being breached was not lost on observers.

Attack method: Credential stuffing

What Data Was Exposed

Names, Phone numbers, Email addresses, Potentially stored passwords

Is your business exposed?

What to Do If You're Affected

1.
Change your Norton LifeLock password
2.
Change all passwords stored in the password manager
3.
Enable two-factor authentication

Lessons for Businesses

• Security companies are not immune to attacks
• Credential stuffing remains effective
• Password reuse creates systemic risk

Sources

https://www.bleepingcomputer.com/news/security/norton-lifelock-accounts-targeted-in-large-scale-credential-stuffing-attacks/

Related Breaches

Lastpass 2022

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required