On January 10, security software company Norton shared with the Vermont Attorney General’s office that it had detected an unauthorized third-party logging into its customers’ accounts. The intrusion was first detected by Norton on December 12. The hackers received the usernames and passwords from the dark web to log into the customers’ accounts. Through this, hackers could also break into the users’ password manager, accessing even more sensitive information. The company, however, claimed that its own systems were not compromised.
What are Password Managers?
- A password manager is a program designed to store passwords for local applications and online services, allowing users to save their password information securely. Most password managers work online or are web-based, storing information in an encrypted format in a cloud storage solution that allows users to access their stored passwords on multiple devices.
- Offline password managers, on the other hand, are installed on a device and act like a vault within the device to store information. They can be accessed using a key password, and information from them must be manually transferred when using a different device. Some password managers also come with the ability to suggest strong passwords, making it easier for users to keep their accounts safe.
The Norton Password Manager Data Breach:
- Norton, in its notification, shared that while its own systems were not compromised, attackers hacked the login credentials of its users to access their accounts. They had access to users’ full names, phone numbers, and mailing addresses.
- Norton also said that the hackers could use this information to log into its password manager, if its key was identical to the main account password. This could enable them access even more sensitive information. Norton asked its users to reset their passwords to prevent additional leaks and said it is making efforts to counter the threat from the data leak.
Impact on Users:
- A breach in a password manager can impact users in several ways. As seen in the case of the data breach with Norton’s password manager, leaked information on the dark web can be used by attackers to access information within the password manager. This leaked information could happen due to weak security in services or websites that users visit.
- Since password managers, like other online services, require users to input their master password to access data within, having a common or similar password as in other websites could lead to a breach in the password manager. And since the information stored within the password manager includes sensitive data points like usernames and passwords for different websites, it could be used by hackers to access even account and payment information of users.
Securing Your Password Manager:
- While there is no fool-proof method of preventing data leaks, users can take certain steps that could lower the risk of their data being compromised. They should always ensure that they do not have one password for all their accounts, activate two-factor authentication, and ensure that none of their passwords match the key that lets them access their password manager.
- Some password managers also provide information on compromised passwords stored within them, which may have been leaked. Users can regularly check for such information and update their passwords accordingly. Users should also be wary of visiting suspicious websites and ensure that all the software they use are running the latest security patch from their publishers.
Synopsis
The Norton password manager data breach serves as a reminder of the importance of securing our online accounts, especially those that store sensitive information. By taking the necessary precautions and staying vigilant, users can lower the risk of their data being compromised.
