Norton’s Password Manager compromised,  user data may have been leaked: Report 

Norton LifeLock Inc. which owns the Norton brand reported unauthorised third party tried logging into customer accounts 

January 15, 2023 10:47 am | Updated 02:02 pm IST

Norton revealed it detected an unauthorised third-party had used a list of username and passwords in an attempt to log in to its customers’ accounts

Norton revealed it detected an unauthorised third-party had used a list of username and passwords in an attempt to log in to its customers’ accounts | Photo Credit: Getty Images

Norton, on Tuesday, in a notification to the Vermont Attorney General’s office shared that it detected an unauthorised third-party had used a list of username and passwords in an attempt to log in to its customers’ accounts.

(For insights on emerging themes at the intersection of technology, business, and policy, subscribe to our tech newsletter Today’s Cache.)

The company shared that third-party intrusion in its Password Manager feature was detected on Dec. 12 2022, however, the intrusion first started on Dec 1.

Though its own systems were not compromised, the company claimed it believed that an unauthorised third-party used a list of usernames and passwords obtained from another source, like the dark web, to log into Norton customer’s accounts.

The company also shared that third-party may have used usernames and passwords to view customers’ first names, phone numbers and mailing addresses. And utilised the Norton Password Manager feature to access details stored with it if the user’s Password Manager key is identical to Norton account password.

Norton asked its users to reset their Norton password in order to prevent additional attempts to access accounts by unauthorised third-parties, and has made efforts to counter the threat from the data leak.

In Dec. 2022, LasPass, another digital security company, confirmed that an unauthorised third-party gained access to “certain elements of their customers’ information”.

At the time, LastPass shared that customer’s passwords remained safe, however, attackers were able to gain access to certain elements of customer information, which the company did not specify.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.