Please be on alert that password management app LastPass and cyber security company NortonLifeLock have been compromised. Between the two, they may store a list of your usernames and passwords to multiple accounts. Be aware that access to any of those credentials may allow a cyber-criminal to spread the attack out to other accounts and applications that you use gaining access to sensitive data, or gaining control over bank accounts or other important services.
If you have accounts with either company, and to ensure added protection on other sites you use, the following steps are strongly advised:
- Immediately change your passwords to both NortonLifeLock, LastPass, and to any account that you had stored with either service.
- Use Complex Passwords. Use both lowercase and uppercase letters, numbers, and special characters. 8-12 characters or over is recommended.
- Change your passwords regularly – Do this at least once every few months.
- Never use the same password for multiple accounts – Through credential stuffing, hackers use stolen passwords on different services, hoping to find duplications. Norton claims this is what happened in this breach.
- Where available, always use two-factor authentication (2FA) – This additional security measure makes it difficult for hackers to break into accounts without the security code sent to your phone or an authentication app. Tap or click here for more details on 2FA.
Act immediately If you suspect you have fallen victim to a cyber breach. For more information on how to protect yourself contact EPB&B’s cyber professional Justine Avera at firstname.lastname@example.org or 503-445-8402