silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,148
UK-based cyber-security vendor Sophos is currently notifying customers via email about a security breach the company suffered earlier this week.
"On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support," the company said in an email sent to customers and obtained by ZDNet.
Exposed information included details such as customer first and last names, email addresses, and phone numbers (if provided).
A Sophos spokesperson confirmed the emails earlier today and told ZDNet that only a "small subset" of the company's customers were affected but did not provide an approximate number.
Sophos said it learned of the misconfiguration from a security researcher and fixed the reported issue right away.
"At Sophos, customer privacy and security are always our top priority. We are contacting all affected customers," the company said. "Additionally, we are implementing additional measures to ensure access permission settings are continuously secure. "
Sophos notifies customers of data exposure after database misconfiguration
Exclusive: Company says that only a small subset of customers were impacted.
www.zdnet.com