Norton LifeLock breach: What happened and what you should do next

Norton Lifelock hack

The recent data breach of Norton LifeLock and its password manager is a wake-up call for companies everywhere. Thousands of user records were exposed, including email addresses, passwords, security questions, and answers.

The irony of a password manager being hacked is not lost on anyone, and it highlights the importance of being proactive in protecting sensitive information.

So what exactly happened?

Gen Digital, the parent company of Norton LifeLock, sent a breach notice to its customers claiming the likely culprit was a credential stuffing attack (when your username and/or password was previously exposed in a breach and you reuse those credentials on other sites or services). Hackers use these previously exposed credentials to break into accounts on different sites and services that share the same passwords. Gen Digital says the recent breach was related to this, and not a compromise of its systems. (This is also yet another call for two-factor authentication! … something ironically enough, Norton LifeLock offers)

“In accessing your account with your username and password, the unauthorized third party may have viewed your first name, last name, phone number, and mailing address,” the data breach notice said. The notice was sent to customers that it believes use its password manager feature, because the company cannot rule out that the intruders also accessed customers’ saved passwords.

Gen Digital said it sent notices to about 6,450 customers whose accounts were compromised.

What should you do about it?

So, what can companies do to avoid becoming the next victim of a cyber attack? Here are some actionable recommendations (we’ve covered some of these in the past, but it’s a worthwhile refresher):

  1. Invest in strong security measures: Companies must invest in robust security measures to prevent cyber attacks. This includes using firewalls, encrypting data, and implementing multi-factor authentication.
  2. Regularly update software and systems: Software and systems must be regularly updated to address known security vulnerabilities. Companies should also make sure that their employees are trained on how to use these systems securely.
  3. Conduct regular security audits: Regular security audits can help identify and remediate security gaps. These audits should be conducted by a reputable third-party firm to ensure that they are thorough and objective.
  4. Train employees on security awareness: Employees are often the weakest link in the security chain. It’s important for companies to provide regular training on security awareness and best practices. This will help employees understand how to recognize and prevent cyber attacks.
  5. Implement a comprehensive data backup strategy: In the event of a data breach, companies must be able to quickly recover their data. A comprehensive data backup strategy is essential to ensure that sensitive information is protected and can be quickly restored if needed.
  6. Have a plan in place to respond to a breach: Companies must have a plan in place to respond to a data breach. This includes having a clear understanding of what steps to take, who to contact, and how to communicate with affected parties.
  7. Monitor for suspicious activity: Regular monitoring of network activity can help detect cyber attacks in progress. This can help organizations respond quickly and limit the damage caused by the attack.
  8. Secure cyber insurance: One of the most important tools in protecting your business in today’s threat environment is cyber insurance. If you don’t have explicit cyber insurance, you could be on the hook for hundreds of thousands (or millions) of dollars in losses if and when you suffer a breach. Check out this article for the real world stakes.

It’s important for organizations to understand that cyber security is not a one-time investment, but rather a continuous process. Companies must be proactive in protecting sensitive information and continuously assess and improve their security measures.

For big companies, they’ll often have entire departments dedicated to cyber protection. But what if you’re a small or medium-sized business? You may not have cyber security professionals on staff (nor the inclination to hire them full time). That’s where we come in.

As a managed IT service provider, we can handle all the pesky cybersecurity set up, systems and monitoring to ensure your defense posture is as buttoned up as it can be. Drop us a line, and we can get to work protecting you and your business!