UK-based cyber-security vendor Sophos is currently notifying customers via email about a security breach the company suffered earlier this week.
"On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support," the company said in an email sent to customers and obtained by ZDNet.
Exposed information included details such as customer first and last names, email addresses, and phone numbers (if provided).
A Sophos spokesperson confirmed the emails earlier today and told ZDNet that only a "small subset" of the company's customers were affected but did not provide an approximate number.
Sophos said it learned of the misconfiguration from a security researcher and fixed the reported issue right away.
"At Sophos, customer privacy and security are always our top priority. We are contacting all affected customers," the company said. "Additionally, we are implementing additional measures to ensure access permission settings are continuously secure. "
www.zdnet.com
