Sophos announced that some of its customers’ data exposed during a security breach. According to the announcement, it was caused by a database misconfiguration and it was fixed shortly after it was reported by a security researcher. Exposed information includes customers’ first and last names, emails, and phone numbers.
Database misconfiguration
The company didn’t share any information about the technical details about the misconfiguration or the number of affected customers. This data breach incident is the company’s second security incident in 2020. In April, Sophos’ XG firewall was attacked. Attackers tried to abuse a zero-day vulnerability to deploy ransomware but failed. The company stated in the notification mail,
“On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support. As a result, some data from a small subset of Sophos customers was exposed. We quickly fixed the issue.
Your information was exposed, but due to remediation measures we have taken, your data is no longer exposed. Specifically, first name, last name, email address and, where provided, a contact phone number.
At Sophos, customer privacy and security are always our top priority. We are contacting all affected customers. Additionally, we are implementing additional measures to ensure access permission settings are continuously secure.”