NortonLifeLock is sending out notifications to customers about a possible data breach, informing them that Norton Password Manager accounts are being hacked en masse by hackers.
The company said it detected an “unusually high volume” of failed login attempts on Dec. 12, 2022, indicating credential-filling attacks, with attackers checking the validity of data from other sources en masse.
NortonLifeLock said its systems were not compromised during the attack. An internal investigation, which continued through Dec. 22, found that the attacks began Dec. 1 and that an unnamed number of accounts were successfully compromised.
The company says it reset Norton passwords for affected accounts to prevent attackers from accessing them again in the future, and has implemented additional measures to thwart intruder attempts.
Although the number of affected accounts was not disclosed, NortonLifeLock parent company Gen Digital said in a statement that the attack may have targeted about 925,000 inactive and active accounts.