Gen Digital, previously Symantec Corporation, and NortonLifeLock, alerted its clients to the fact that threat actors had compromised Norton Password Manager accounts through credential-stuffing assaults.
The company stated that while none of its systems had been penetrated, the attack may have utilized credentials that came from another source. NortonLifeLock has not yet made public how many customers are affected.
Threat actors could have accessed Password Manager accounts and seen information such as first and last names, phone numbers, and mailing addresses.
NortonLifeLock has announced the adoption of additional security measures for the affected accounts and reset Norton passwords on those accounts in response to the incident.
Source: https://securityaffairs.com/140772/data-breach/norton-password-manager-security-breach.html
"id": "NOR225881023",
"linkid": "nortonlifelock",
"type": "Data Leak",
"date": "01/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"