Tech warning - Norton Password Manager breached

[ATCclears]

Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton Password Manager accounts in credential-stuffing attacks. The company detected an unusually large volume of failed logins to customer accounts on December 12, 2022, and launched an investigation to determine what has happened.

NortonLifeLock: threat actors breached Norton Password Manager accounts

Gen Digital, formerly Symantec Corporation and NortonLifeLock, warns that hackers breached Norton Password Manager accounts. Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton Password Manager accounts in...

securityaffairs.com

Read More

 

[Provincial]

Who would have thought that a password management program would be a target for hackers?

The pious way tech people diss the general public about security/passwords is pathetic. They set up a system with major faults, then blame the "common people" when their faulty system causes major problems for their customers/clients.

If the customer follows their directions, and has a different password for every contact/interaction, it becomes unwieldy quite quickly. This is why password management programs have proliferated. What a juicy target! You get all the passwords in one hack.

It will be fun to watch how Norton tries to shift blame to their customers.

 

[Cavedweller]

 

[gryghin]

As a 27 year High tech engineer with 17 as Factory IT, we always advised against using cloud based password management for personal use.

Just stop! And if that browser asks to keep your password... make sure it's something that has nothing to do with Financials. Like that Cabela's login.... better not save your credit card to it if you are using browser password keeper.

 

[albin25]

Just checked…
…. my password storage system still hasn't been hacked/stolen.

Still on the shelf

I wonder if there's a novel entitled …
… "The Cloud" ?

My wife and I use the "novel" password security system …
…. We selected a crappy, dull, unpopular classic novel and highlight as many "password phrases" as we need on a page. Every couple of months or so, we just move to the next page and repeat the process. It's quick, easy, and we have a record of old passwords. We select which letters become caps with a dot above the letter or a number with a dot below the letter. One page can yield as many passwords as needed. And a 400 page snoozer of a novel will easily yield 30 years of totally random passwords. A bookmark lists the sites in alphabetical order, the passwords on the page follow that order.
ie., "was a dark and stormy night"yields …
… daRkand5tormy

Sounds (reads) more complicated than it is in practice.

I imagine some old, long, legal document filled with pages of boiler plate and kept in a file called "colonoscopy lawsuit" and kept in a file cabinet with your parole papers and paternity suits would also work.