“Χιλιάδες άνθρωποι που χρησιμοποιούν το Norton password manager άρχισαν να λαμβάνουν ειδοποιήσεις μέσω email αυτόν τον μήνα που τους ειδοποιούσαν ότι κάποιος τρίτος μπορεί να έχει πρόσβαση στα προσωπικά τους στοιχεία και τους κωδικούς πρόσβασης που έχουν αποθηκεύσει”, reports CNET.
"Gen Digital, Norton's parent company, said the security incident was the result of a credential-stuffing attack and not an actual breach of the company's internal systems."
Gen Digital's cybersecurity services have 500 million users — of which about 925.000 are active, and may have been targeted in the attack, a Gen Digital representative told CNET via email.
Norton's intrusion detection systems detected an unusual number of failed login attempts on December 12, the company said in its statement. Upon further investigation, around December 22, Norton was able to determine that the attack began around December 1.
"Norton immediately notified both the authorities and its customers once the team was able to confirm that data was accessed from the attack."
Personal data that may have been compromised includes Norton users' full names, phone numbers, and mailing addresses.
Norton also said it "cannot rule out" that password manager data, such as user usernames and passwords, was compromised in the attack.
