Breach, Cloud Security

SonicWall firewall configurations compromised in cloud portal breach

(Credit: monticellllo – stock.adobe.com)

CyberScoop reports that organizations using SonicWall firewalls had their configuration files compromised following an attack against the company's MySonicWall.com platform.

Despite impacting fewer than 5% of firewalls, such an account-by-account brute force intrusion was noted by SonicWall Senior Director of Global Communications Bret Fitzgerald to pose a potentially significant downstream threat to its customers.

"While the files contained encrypted passwords, they also included information that could make it easier for attackers to potentially exploit firewalls," said Fitzgerald. Affected SonicWall customers have been urged to promptly conduct credential resets and log monitoring.

Meanwhile, Dell'Oro Group Senior Director of Enterprise Security and Networking Research Mauricio Sanchez highlighted the severity of the incident, which suggests systemic security gaps within the firm that could not be sufficiently addressed by modifying credentials alone.

"Vendors must continuously weigh the convenience provided against the potential consequences of compromise, and customers should hold them accountable to strong transparency and remediation practices when incidents occur," Sanchez added.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds