Sophos, provider of cybersecurity software and hardware has suffered a breach.
As first reported by ZDNet, the firm is sending out emails to customers who were affected by the breach.
“On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support. As a result some data from a small subset of Sophos customers was exposed. We quickly fixed the issue,” the firm wrote in its email to customers.
When we contacted Sophos locally we received a singular sentence as a statement.
“At Sophos, customer privacy and security are always our top priority. We quickly fixed the issue,” the firm said.
Thanks to the aforementioned customer email though, we know that first names, last names, email addresses and contact numbers (where provided) were exposed.
The firm assured customers that, “your data is no longer exposed”.
Further to that, Sophos told ZDNet that it was implementing additional measures to ensure access permission settings are secure.
If you’re a Sophos customer keep an eye out for the email above and be wary of any calls claiming to be your bank or some other trusted entity. Cybercriminals will often use information gleaned from breaches such as this to launch spear-phishing attacks.
While Sophos says your information is safe it’s unclear how long this vulnerability was present and who could see the exposed information.