A data breach attack recently hit Sophos, a Uk based cybersecurity company. The company currently has notified its customers regarding the data attack via mail, which the company suffered last week. The leaked information includes user names, emails, and contact numbers. According to Sophos, only a small number of customers were affected by the data breach. The spokesperson says that a “small subset” of customers was affected; however, not providing any further details. 

Earlier this week, the company was informed of an access permission problem in a tool. The tool contains customers’ information who contact Sophos support. The company said this in an email sent to its customers. 

The company says that it came to know about the issue through an expert and had fixed the misconfiguration as soon as it was reported. According to Sophos, customer privacy and safety is their topmost priority. It is currently contacting all impacted customers. 

Besides this, the company has implemented preventive measures to ensure that permission settings are not exploited.

The data breach is the second cybersecurity incident that Sophos suffered this year. 

In April, a quite similar incident happened where hackers found and exploited a zero-day XG Firewall in Sophos and attacked companies worldwide. The hackers used Asnarok malware, but when the vulnerability was exposed, they shifted to ransomware and failed eventually. 

The email reads, “On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support. As a result, some data from a small subset of Sophos customers was exposed. We quickly fixed the issue. Your information was exposed, but due to remediation measures we have taken, your data is no longer exposed. Specifically, first name, last name, email address, and, where provided, a contact phone number. 

There is no action that you need to take at this time. At Sophos, customer privacy and security are always our top priority. We are contacting all affected customers. Additionally, we are implementing additional measures to ensure access permission settings are continuously secure.



Source link