What You Need to Know about the Norton LifeLock Data Breach

Norton LifeLock is a global player in consumer cyber safety with a growing portfolio designed to ensure users are confident in their online privacy, security, and identity theft protection. In January 2023, the company announced that many customer accounts were affected in a breach.

Norton's parent company, Gen Digital, claimed the attack did not arise from a breach of its IT security environment but from a cyber attacker using credentials obtained from the dark web to attempt to log in to customer accounts via credential stuffing. In credential stuffing, an attacker uses a list of stolen access credentials to initiate an automated process to access online accounts using the same login credentials. Attackers typically believe that many online users use the same username and password across multiple accounts.

Over 6,000 accounts were believed to have been compromised in the December 2022 breach. Gen Digital sent notices to over 6,400 customers whose Norton accounts were compromised in the attack. Gen Digital said intruders accessed information such as first names, last names, mailing addresses, and phone numbers. The notice also states that the company cannot rule out that saved passwords were also leaked in the breach.

When Was the Norton LifeLock Data Breach?

Although Norton's data breach notification did not become public until January 2023, the company indicated that a "usually large volume" of failed logins to customer accounts was detected in December 2022. Steps were taken to investigate the occurrence, and around December 22, 2022, the company determined that around December 1, 2022, an authorized third party attempted to log into thousands of Norton customer accounts.

How to Check If Your Data Was Breached

Norton sent notifications to over 6,400 customers whose accounts were believed to have been compromised. However, if you did not receive a notice and are worried your account may have been compromised, you may use online tools such as AmIBreached and HaveIBeenPwned to verify your Norton username and password are available for purchase on the dark web.

What to Do If Your Data Was Breached

If your data was breached in the Norton LifeLock cyber attack, you should consider changing the passwords to your Norton accounts urgently. If you have any passwords stored in the Norton Password Manager, you should also change them immediately. In addition, you should implement two-factor authentication for your Norton accounts for improved security.

Are There Any Lawsuits Because of the Data Breach?

There are no known lawsuits filed against Norton as a result of the December 2022 data breach.

Can My Norton LifeLock Information Be Used for Identity Theft?

If cyber attackers gain access to your username and password, they can use your access credentials to commit fraud, like making unauthorized purchases or transactions. Since the Norton LifeLock data breach potentially involved saved password leaks, your information may be used for identity theft.

What Can You Do to Protect Yourself Online?

There are several ways to protect oneself from falling victim or minimize the impact of a data breach, such as the Norton LifeLock data breach. These ways include the following:

• Enable multi-factor authentication (MFA). MFA provides an added layer of security by requiring a secondary action to log into an account. Such an action may include confirming a code via phone call, text, biometrics, or app. Hence, even if your username and password become available on the dark web, you will still be protected.
• Pay attention to breach notifications. If you get a legitimate notification that your account has been breached, act as fast as possible to change the access to other accounts that may use the same access credentials as the breached account.
• Do not reuse passwords. Reusing passwords can lead to multiple account breaches, as an attacker may try your credentials on multiple online sites to gain access to your accounts.
• Review your account statements. As a precautionary measure, you should review your account statements and credit reports for suspicious activities. If you notice suspicious activities, you should notify the company or institution with which you maintain the account.
• Review the free resources provided by the Federal Trade Commission on avoiding identity theft scenarios.
• Place a fraud alert on your credit report. Doing this informs creditors of potential fraudulent activity and requests that the creditor contact you before establishing any accounts in your name.
• Put a freeze on your credit file. Under federal law, you can put a security freeze on your credit file free of charge. This prevents new credit from being opened in your name except with the use of a PIN number issued to you when you initiate the freeze.

Stay up to date on recent and common cybersecurity threats and best practices. IDStrong offers regular updates on such. This can safeguard you from falling victim to data breaches.