The accounts of thousands of Norton LifeLock customers were compromised by cybercriminals. The attackers may have been able to access users’ password managers.

A statement to the attorney general of the US state of Vermont reveals that Norton was hit by a “credential stuffing” attack several weeks ago. The incident involved cybercriminals using previously breached credentials to access accounts.

As early as December

According to parent company Gen Digital, the cybercriminals gained access to the accounts as of December 1, 2022. About two weeks later, Norton recorded a large number of failed logins, later confirming that customer accounts had been compromised.

The breach may have allowed cybercriminals to access usernames, passwords and personal information such as call signs, last names, phone numbers and mailing addresses.

Norton LifeLock

Users of Norton LifeLock’s password manager were notified of the breach. The company can’t rule out that cybercriminals accessed passwords stored through its service. A total of 6,450 Norton LifeLock end users are affected.

The company urges users to enable two-factor authentication and change all managed passwords as soon as possible. The Norton passwords of affected customers were reset.

Tip: LastPass confirms second data breach of the year