Cybersecurity firm Sophos hit by data breach, says 'small subset' of customers affected

Advertisement
Cybersecurity firm Sophos hit by data breach, says 'small subset' of customers affected
Sophos
Leading cyber security company Sophos has notified some customers via email about a data security breach this week, saying a small subset of customers were affected.
Advertisement

According to a report in ZDNet on Thursday, the data exposure included details such as customers' first and last names, email addresses and phone numbers (wherever provided).

"On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support," the company said in the email.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More
Only a "small subset" of the customers were affected, it added.

This is the second time this year when Sophos was hit by threat actors.

Advertisement
In April, the UK-headquartered cyber security firm published an emergency security update to patch a zero-day vulnerability in its XG enterprise product being abused by hackers.

This time, Sophos said it came to know about the data exposure after a security researcher alerted the company.

"At Sophos, customer privacy and security are always our top priority. We are contacting all affected customers," the company said.

"Additionally, we are implementing additional measures to ensure access permission settings are continuously secure."
{{}}
Next StoryCoinbase denies discriminating against Black workers, preempting an upcoming New York Times investigation