Hackers have been increasing their game recently. There was another attack where personal information was stolen. This time it was Norton’s LifeLock. Back in December of last year, their systems alerted them to many failed login attempts on the 12th. After digging into these notifications, they realized they had been hacked. By December 22^nd, 2022, Norton announced the attack and determined the initial attack happened around the 1^st of December. Norton’s LifeLock is under the parent company Gen Digital. Their cybersecurity services take care of around 500 million users, both active and inactive.

What happened?

They believe the hacker gained access though a credential stuffing attack. This is when attackers use a list of passwords exposed before to try and gain access to victims’ accounts. They pair these passwords with usernames, using an automated process. Once matches are found access is gained. Once they have the matching usernames and passwords, they continue working under the assumption that this combination is used for more than one account. This could be bank accounts, social media accounts, whatever requires a username and password. A spokesperson from Gen Digital claims that their systems are not compromised and have been flagging accounts that have suspicious activity.

Originally, when the attack was discovered, it was estimated that around 6,000 customers had been hacked. It was later determined that the hacked number was closer to 8,000 customers. The hackers had the potential to gain not only login information, but names, phone numbers and mailing addresses as well. It was also determined that the password managers may have been accessed, and therefore so were stored passwords. If you are a customer and you were affected by the attack, you could be locked out of all your accounts. Any logins and password you have stored with LifeLock have the potential to be accessed and reset by the hacker. Any credit card information or sensitive notes stored in your vault are also at risk.

What has been done? What can you do?

All accounts that were/are flagged with suspicious activity will have notices sent to the customer. All the accounts that were known to be hacked were sent emails alerting them to the situation. The company also said it reset all the passwords on the affected accounts. In addition, they added more security measures to keep future attackers out.  If you did not receive an email, and are a customer, change your passwords anyway. It is better to err on the side of caution.

If you use the same password for multiple accounts, change them up and assign different ones to each account. I know we have said it in many blogs before, but turn on two-factor authentication on any account that offers it. This adds another layer of security, making it harder for hackers to gain access to your information. If you are unsure about the security of your accounts, change the passwords. It’s better to be safe than sorry. We have a post on two-factor authentication here, and this post outlines a few small cybersecurity steps you can take. If you have any security questions these posts can answer feel free to contact us for more information!