Sophos Warns Affected Customers After Security Breach
UK cyber security and hardware company Sophos has notified customers that data has potentially been leaked online due to a misconfigured database.
The exposed customer data was accessible to unauthorized parties due to a misconfigured “tool” used by the company to store information by users who reached out to the company’s support team.
A “small subset” of the company’s customers were affected, with first and last names, email addresses and phone numbers thought to have been accessed.
“On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support,” the company said in the notification email.
“As a result, some data from a small subset of Sophos customers was exposed. We quickly fixed the issue.”
“At Sophos, customer privacy and security are always our priority,” the cybersecurity firm added. “We are contacting all affected customers.” “Additionally, we are implementing additional measures to ensure access permission settings are continuously secure.”