A credential-stuffing attack put NortonLifeLock clients at risk

January 18, 2023
Credential Stuffing Cyberattack NortonLifeLock Client Info Data Leak Dark Web Norton Password Manager

The customers of Norton Password Manager were put at risk after a group of unknown hackers successfully conducted credential-stuffing attacks that compromised the password manager’s user accounts.

This report emerged after Gen Digital (previously Symantec Corporation and NortonLifeLock) emailed its customers to inform them about the data breach incident. The security company stated in the alert that the breach resulted from an account compromise on a third-party platform and not from a breach that directly hit the company.

Furthermore, the company fears that the hackers had obtained an undisclosed number of customers’ usernames and passwords through their successful credential-stuffing operation, putting many people’s privacy at risk.


NortonLifeLock admits that hackers have attempted several credential-stuffing operations after obtaining customers’ credentials from the dark web.


Last December 1, the company detected a malicious entity utilising Norton customers’ username and password pairs purportedly purchased from a dark web marketplace to perform login attempts. By December 12, numerous failed login attempts were identified, implying that the threat actors performed a bulk credential-stuffing operation.

An internal investigation was completed by December 22, whereby the company discovered that the hackers had successfully compromised Norton Password Manager customers’ user accounts, endangering them.

Some of the information that could have been potentially exposed to the hackers are customers’ full names, phone numbers, and mailing addresses. Moreover, the company admitted that customers’ stored details in the Norton Password Manager private vaults could have also been compromised.

Because of the criticality of the cyberattack against NortonLifeLock, they warned all affected customers to be extremely cautious as it could allow threat actors to infiltrate their online accounts, leading to loss of financial and digital assets, exposure of classified information, fraudulent activities using their data, and more.

As an effort to aid the situation, the company has reset customers’ Norton account passwords and executed additional security measures to counter potential threats. Customers are also strongly advised to activate two-factor authentication (2FA) in their accounts and to accept the free credit monitoring service they have offered.

About the author

Leave a Reply