Norton LifeLock, a leading provider of identity protection and cybersecurity services, recently experienced a data breach caused by a credential stuffing attack. 

Credential stuffing is a cyberattack in which a hacker uses previously compromised information from one account to access another account, website, or service. This highlights the risks of reusing passwords across accounts, making it easier for hackers to access personal information. 

Details of the Hack

The breach occurred on December 1 and was discovered on December 12 when IT staff witnessed an unusually large amount of incorrect login attempts. As a result, the hackers may have accessed sensitive credentials such as saved passwords, usernames, phone numbers, and email addresses of approximately 6450 Norton LifeLock customers. 

Despite security experts suggesting using different passwords for each account over the years, many password manager users have admitted to reusing passwords across multiple accounts. By reusing passwords, threat actors have a greater chance of obtaining personal information from other accounts. 

Norton LifeLock Response

In response to the hack, Norton LifeLock recommends that customers change their passwords and remain vigilant for any suspicious activity. They have also emphasized the importance of multi-factor authentication, including a security key or an authentication app, which can provide your business with an extra layer of security. In addition, Norton LifeLock stated that it is cooperating with law enforcement and will investigate security measures to prevent similar attacks in the future.

Impact on Businesses

The Norton LifeLock data breach is a reminder that even well-known and reputable companies can be victims of cyber attacks. Companies should be aware of potential vulnerabilities if they use the Norton LifeLock services or a similar password manager. Threat actors could use the information accessed during the data breach to target other accounts or launch phishing attacks against employees. 

The Norton LifeLock data breach reminds us of the growing prevalence of cyber threats. Therefore, it’s essential for businesses to stay informed and take proactive measures to protect their sensitive information. These measures include changing passwords regularly, monitoring accounts for suspicious activity, and implementing additional security measures like two-factor authentication. By taking these steps, organizations can help ensure that their sensitive information remains protected.

Related Posts - TKS Blog

From Insight to Action: How Data Analytics Can Help Your Business Grow
Companies of all sizes have unparalleled access to information in today's digital era. Data created by a business may give significant insights into its operations...
Read more
Create a Secure Environment for Remote Workers
Having remote workers in your business is a great way to expand cost-effectiveness and helps your business grow. But, unfortunately, many businesses have issued remote...
Read more
CISA Issues Warning Over Microsoft Exchange Server Vulnerabilities
Microsoft has warned that hackers are already using zero-day Exchange Server exploits to break into victims' networks and steal data and that more attacks are...
Read more
Product Releases from Amazon’s Hardware 2022 Event
A number of exciting products were announced at Amazon's Hardware 2022 event. These announcements include two brand-new Eero home networking products and the news that...
Read more

Used with permission from Article Aggregator