Do you use Norton LifeLock?
Norton LifeLock, a leading provider of identity protection and cybersecurity services, recently experienced a data breach caused by a credential stuffing attack.
Credential stuffing is a cyberattack in which a hacker uses previously compromised information from one account to access another account, website, or service. This highlights the risks of reusing passwords across accounts, making it easier for hackers to access personal information.
Details of the Hack
The breach occurred on December 1 and was discovered on December 12 when IT staff witnessed an unusually large number of incorrect login attempts. As a result, the hackers may have accessed sensitive credentials such as saved passwords, usernames, phone numbers, and email addresses of about 6,500 Norton LifeLock customers.
Despite security experts suggesting using different passwords for each account over the years, many password manager users have admitted to reusing passwords across multiple accounts. By reusing passwords, threat actors have a greater chance of obtaining personal information from other accounts.
Norton LifeLock Response
In response to the hack, Norton LifeLock recommends that customers change their passwords and remain vigilant for any suspicious activity. They have also emphasized the importance of multi-factor authentication, including a security key or an authentication app, which can provide your business with an extra layer of security. In addition, Norton LifeLock stated that it is cooperating with law enforcement and will investigate security measures to prevent similar attacks in the future.
Impact on Businesses
The Norton LifeLock data breach is a reminder that even well-known and reputable companies can be victims of cyber-attacks. Companies should be aware of potential vulnerabilities if they use the Norton LifeLock services or a similar password manager. Threat actors could use the information accessed during the data breach to target other accounts or launch phishing attacks against employees.
My perspective
The Norton LifeLock data breach reminds us of the growing prevalence of cyber threats. Therefore, it's essential for businesses to stay informed and take proactive measures to protect their sensitive information. These measures include changing passwords regularly, monitoring accounts for suspicious activity, and implementing additional security measures like two-factor authentication (2FA). By taking these steps, organizations can help ensure that their sensitive information remains protected.
"Winning isn't everything,
but wanting to win is." -Vince Lombardi
By Denis Wilson
Thanks for reading this post. I always take into mind that your time and attention are precious. And these posts need to be timely, to the point, and short. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, YouTube, and Facebook.
I am also a published author and speaker on cloud computing, work-from-anywhere, and cybersecurity. I work extensively with business and professional associations to provide small business technology education programs.
Contact me if you would like me to speak to your association
