NortonLifeLock
Company Details
Linkedin ID:
nortonlifelock
Employees number:
822
Number of followers:
34,156
NAICS:
541514
Industry Type:
Homepage:
gendigital.com
IP Addresses:
0
Company ID:
NOR_3989299
Scan Status:
In-progress
NortonLifeLock Company CyberSecurity Posture
gendigital.com
NortonLifeLock and Avast merged in 2022 and are now Gen™ (NASDAQ: GEN) - a global company dedicated to powering Digital Freedom through its trusted Cyber Safety brands. The Gen family of consumer brands is rooted in providing safety for the first digital generations. Now, Gen empowers people to live their digital lives safely, privately, and confidently today and for generations to come. Gen brings award-winning products and services in cybersecurity, online privacy and identity protection to nearly 500 million users in more than 150 countries.
NortonLifeLock A.I CyberSecurity Scoring
NortonLifeLock Risk Score (AI oriented)Between 650 and 699
NortonLifeLock
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
NortonLifeLock Global Score (TPRM)XXXX
NortonLifeLock
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
NortonLifeLock Company CyberSecurity News & History
Past Incidents
3
Attack Types
3
NortonLifeLock Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Vermont Office of the Attorney General reported on January 9, 2023, that NortonLifeLock Gen Digital experienced a data breach, where unauthorized third parties likely accessed customer usernames and passwords for accounts created before December 1, 2022. The breach began around December 1, 2022, and potentially exposed customer first names, last names, phone numbers, and mailing addresses. The number of affected individuals is currently unknown.
NortonLifeLock
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Gen Digital, previously Symantec Corporation, and NortonLifeLock, alerted its clients to the fact that threat actors had compromised Norton Password Manager accounts through credential-stuffing assaults. The company stated that while none of its systems had been penetrated, the attack may have utilized credentials that came from another source. NortonLifeLock has not yet made public how many customers are affected. Threat actors could have accessed Password Manager accounts and seen information such as first and last names, phone numbers, and mailing addresses. NortonLifeLock has announced the adoption of additional security measures for the affected accounts and reset Norton passwords on those accounts in response to the incident.
NortonLifeLock
Vulnerability
Rankiteo Explanation
Attack limited on finance or reputation
Description: Identity theft protection firm LifeLock have exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company.
NortonLifeLock Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for NortonLifeLock
Incidents vs Computer and Network Security Industry Average (This Year)
No incidents recorded for NortonLifeLock in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for NortonLifeLock in 2025.
Incident Types NortonLifeLock vs Computer and Network Security Industry Avg (This Year)
No incidents recorded for NortonLifeLock in 2025.
Incident History — NortonLifeLock (X = Date, Y = Severity)
NortonLifeLock cyber incidents detection timeline including parent company and subsidiaries
NortonLifeLock Company Subsidiaries
NortonLifeLock and Avast merged in 2022 and are now Gen™ (NASDAQ: GEN) - a global company dedicated to powering Digital Freedom through its trusted Cyber Safety brands. The Gen family of consumer brands is rooted in providing safety for the first digital generations. Now, Gen empowers people to live their digital lives safely, privately, and confidently today and for generations to come. Gen brings award-winning products and services in cybersecurity, online privacy and identity protection to nearly 500 million users in more than 150 countries.
Loading...
NortonLifeLock Similar Companies
CrowdStrike
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk — endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-clas
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest s
.png)
NortonLifeLock CyberSecurity News
November 19, 2025 01:55 PM
Norton LifeLock Black Friday 2025: Save Big on Identity Theft Protection Plans
Norton LifeLock's Black Friday sale is live – get major discounts on identity protection and cybersecurity plans.
November 18, 2025 01:59 PM
Incogni vs Norton LifeLock: 2025 Expert Comparison
Discover the key differences between Incogni vs Norton LifeLock. Our expert comparison reveals which service offers stronger data...
November 10, 2025 03:45 PM
Gen Digital Raises FY26 Revenue Outlook to US$4.97 billion
Gen Digital raises its annual revenue forecast again, driven by strong cybersecurity demand and MoneyLion fintech integration.
August 18, 2025 07:00 AM
Is Norton LifeLock Worth It in 2025? An Honest Look at the Pros and Cons
Norton LifeLock has a price tag that may give you pause, so we'll discuss whether the features provide enough value.
July 11, 2025 07:00 AM
NortonLifeLock: net revenue 2012-2023, by region
The net revenue made by US software company NortonLifeLock (former Symantec) from the fiscal year 2012 to 2023 has increased.
July 09, 2025 07:00 AM
Gen Digital, Inc.'s net revenue from 2007 to 2024
The net revenue generated by the US software company, Gen Digital, Inc., formerly NortonLifeLock, has fluctuated from 2007 to 2024.
July 07, 2025 07:00 AM
Norton LifeLock remains a strong contender in the identity theft protection market
Norton LifeLock is a prominent identity theft protection service for a compelling reason. The intuitive and powerful mobile application provides a wide range...
May 07, 2025 08:37 PM
Investcorp sells Avira for $360m to NortonLifeLock
Consumer-software company NortonLifeLock said it has agreed to buy the cybersecurity and privacy company Avira for about $360m in cash from Investcorp...
December 16, 2024 08:00 AM
How To Avoid Norton Lifelock Scams: Stay Secure and Protected
Learn how to identify and avoid Norton Lifelock scams. Protect yourself from online fraud and identity theft, and use Norton Lifelock...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
NortonLifeLock CyberSecurity History Information
Official Website of NortonLifeLock
The official website of NortonLifeLock is https://www.gendigital.com/us/en/.
NortonLifeLock’s AI-Generated Cybersecurity Score
According to Rankiteo, NortonLifeLock’s AI-generated cybersecurity score is 695, reflecting their Weak security posture.
How many security badges does NortonLifeLock’ have ?
According to Rankiteo, NortonLifeLock currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does NortonLifeLock have SOC 2 Type 1 certification ?
According to Rankiteo, NortonLifeLock is not certified under SOC 2 Type 1.
Does NortonLifeLock have SOC 2 Type 2 certification ?
According to Rankiteo, NortonLifeLock does not hold a SOC 2 Type 2 certification.
Does NortonLifeLock comply with GDPR ?
According to Rankiteo, NortonLifeLock is not listed as GDPR compliant.
Does NortonLifeLock have PCI DSS certification ?
According to Rankiteo, NortonLifeLock does not currently maintain PCI DSS compliance.
Does NortonLifeLock comply with HIPAA ?
According to Rankiteo, NortonLifeLock is not compliant with HIPAA regulations.
Does NortonLifeLock have ISO 27001 certification ?
According to Rankiteo,NortonLifeLock is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of NortonLifeLock
NortonLifeLock operates primarily in the Computer and Network Security industry.
Number of Employees at NortonLifeLock
NortonLifeLock employs approximately 822 people worldwide.
Subsidiaries Owned by NortonLifeLock
NortonLifeLock presently has no subsidiaries across any sectors.
NortonLifeLock’s LinkedIn Followers
NortonLifeLock’s official LinkedIn profile has approximately 34,156 followers.
NAICS Classification of NortonLifeLock
NortonLifeLock is classified under the NAICS code 541514, which corresponds to Others.
NortonLifeLock’s Presence on Crunchbase
Yes, NortonLifeLock has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/symantec.
NortonLifeLock’s Presence on LinkedIn
Yes, NortonLifeLock maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/nortonlifelock.
Cybersecurity Incidents Involving NortonLifeLock
As of December 02, 2025, Rankiteo reports that NortonLifeLock has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
NortonLifeLock has an estimated 2,894 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at NortonLifeLock ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability, Breach and Data Leak.
How does NortonLifeLock detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with fixed vulnerability, and containment measures with adoption of additional security measures, containment measures with password resets, and communication strategy with customer alerts..
Incident Details
Can you provide details on each incident ?
Title: LifeLock Vulnerability Exposes Customer Emails and Communication Preferences
Description: Identity theft protection firm LifeLock have exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company.
Type: Data Exposure
Attack Vector: Web Application Vulnerability
Vulnerability Exploited: Email Indexing and Unsubscribe Vulnerability
Title: Norton Password Manager Accounts Compromised by Credential-Stuffing Attacks
Description: Gen Digital, previously Symantec Corporation, and NortonLifeLock, alerted its clients to the fact that threat actors had compromised Norton Password Manager accounts through credential-stuffing assaults. The company stated that while none of its systems had been penetrated, the attack may have utilized credentials that came from another source. NortonLifeLock has not yet made public how many customers are affected. Threat actors could have accessed Password Manager accounts and seen information such as first and last names, phone numbers, and mailing addresses. NortonLifeLock has announced the adoption of additional security measures for the affected accounts and reset Norton passwords on those accounts in response to the incident.
Type: Credential-Stuffing Attack
Attack Vector: Credential-Stuffing
Motivation: Unauthorized Access
Title: NortonLifeLock Gen Digital Data Breach
Description: Unauthorized third parties likely accessed customer usernames and passwords for accounts created before December 1, 2022. The breach potentially exposed customer first names, last names, phone numbers, and mailing addresses.
Date Detected: 2023-01-09
Date Publicly Disclosed: 2023-01-09
Type: Data Breach
Threat Actor: Unauthorized third parties
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Compromised Credentials from Another Source.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Exposure NOR013101122
Data Compromised: Email addresses, Communication preferences
Systems Affected: Web Application
Identity Theft Risk: High
Incident : Credential-Stuffing Attack NOR225881023
Data Compromised: First and last names, Phone numbers, Mailing addresses
Systems Affected: Norton Password Manager
Incident : Data Breach NOR153072525
Data Compromised: Usernames, Passwords, First names, Last names, Phone numbers, Mailing addresses
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Email Addresses, Communication Preferences, , Personally Identifiable Information, , Usernames, Passwords, First Names, Last Names, Phone Numbers, Mailing Addresses and .
Which entities were affected by each incident ?
Incident : Data Exposure NOR013101122
Entity Name: LifeLock
Entity Type: Company
Industry: Identity Theft Protection
Customers Affected: Millions
Incident : Credential-Stuffing Attack NOR225881023
Entity Name: Gen Digital (previously Symantec Corporation, and NortonLifeLock)
Entity Type: Company
Industry: Cybersecurity
Incident : Data Breach NOR153072525
Entity Name: NortonLifeLock Gen Digital
Entity Type: Company
Industry: Cybersecurity
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Exposure NOR013101122
Containment Measures: Fixed Vulnerability
Incident : Credential-Stuffing Attack NOR225881023
Containment Measures: Adoption of Additional Security MeasuresPassword Resets
Communication Strategy: Customer Alerts
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Exposure NOR013101122
Type of Data Compromised: Email addresses, Communication preferences
Number of Records Exposed: Millions
Personally Identifiable Information: Email Addresses
Incident : Credential-Stuffing Attack NOR225881023
Type of Data Compromised: Personally identifiable information
Sensitivity of Data: Medium
Personally Identifiable Information: First and Last NamesPhone NumbersMailing Addresses
Incident : Data Breach NOR153072525
Type of Data Compromised: Usernames, Passwords, First names, Last names, Phone numbers, Mailing addresses
Personally Identifiable Information: first nameslast namesphone numbersmailing addresses
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by fixed vulnerability, , adoption of additional security measures, password resets and .
References
Where can I find more information about each incident ?
Incident : Data Breach NOR153072525
Source: Vermont Office of the Attorney General
Date Accessed: 2023-01-09
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Vermont Office of the Attorney GeneralDate Accessed: 2023-01-09.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Customer Alerts.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Credential-Stuffing Attack NOR225881023
Entry Point: Compromised Credentials from Another Source
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unauthorized third parties.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-01-09.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-01-09.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Email Addresses, Communication Preferences, , First and Last Names, Phone Numbers, Mailing Addresses, , usernames, passwords, first names, last names, phone numbers, mailing addresses and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Web Application and Norton Password Manager.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Fixed Vulnerability and Adoption of Additional Security MeasuresPassword Resets.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were passwords, mailing addresses, last names, First and Last Names, first names, usernames, Phone Numbers, Mailing Addresses, Email Addresses, Communication Preferences and phone numbers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Vermont Office of the Attorney General.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Compromised Credentials from Another Source.
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=nortonlifelock' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
