Cybersecurity firm Sophos hit by data breach, says 'small subset' of customers affected

Advertisement
Cybersecurity firm Sophos hit by data breach, says 'small subset' of customers affected
Sophos
Leading cyber security company Sophos has notified some customers via email about a data security breach this week, saying a small subset of customers were affected.
Advertisement

According to a report in ZDNet on Thursday, the data exposure included details such as customers' first and last names, email addresses and phone numbers (wherever provided).

"On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support," the company said in the email.

Complimentary Tech Event
Discover the future of SaaS in India
The 6-part video series will capture the vision of Indian SaaS leaders and highlight the potential for the sector in the decades to come.Watch on Demand
Our Speakers
Girish Mathrubootham
Brian E. Taptich
Only a "small subset" of the customers were affected, it added.

This is the second time this year when Sophos was hit by threat actors.

Advertisement
In April, the UK-headquartered cyber security firm published an emergency security update to patch a zero-day vulnerability in its XG enterprise product being abused by hackers.

This time, Sophos said it came to know about the data exposure after a security researcher alerted the company.

"At Sophos, customer privacy and security are always our top priority. We are contacting all affected customers," the company said.

"Additionally, we are implementing additional measures to ensure access permission settings are continuously secure."
{{}}
Next StoryCoinbase denies discriminating against Black workers, preempting an upcoming New York Times investigation