SonicWall breach hits every cloud backup customer after 5% claim goes up in smoke
SonicWall has admitted that all customers who used its cloud backup service to store firewall configuration files were affected by a cybersecurity incident first disclosed in mid-September, walking back earlier assurances that only a small fraction of users were impacted.
In an updated statement published on Wednesday, the California-based network security vendor said its investigation had determined that “all customers” who utilized the MySonicWall cloud backup feature were affected, confirming that attackers had accessed configuration backup files stored on its systems. These backups typically include firewall settings, policies, and network configurations, making them a valuable target for anyone seeking to map internal infrastructure or pivot into connected environments.
When SonicWall first disclosed the breach on 17 September, it claimed the incident was limited to “less than 5 percent” of customers. At the time, the company said it had detected “suspicious activity” against the cloud backup environment used by its next-generation firewalls and promptly disabled the service “out of an abundance of caution.”
Read more at The Register