SonicWall disclosed that a state-sponsored threat actor stole all firewall configuration files stored in its cloud backup service, exposing encrypted credentials and configuration data. Customers are urged to verify backups and reset passwords to mitigate targeted attack risks. #SonicWall #Mandiant #CloudBackupThreats
Keypoints
- A state-sponsored attacker infiltrated SonicWallβs cloud backup system using an API call.
- The breach resulted in the theft of all customer firewall preference files stored online.
- SonicWall confirmed the incident did not affect its products, firmware, or customer networks directly.
- The company has completed its investigation with Mandiant and is implementing further security measures.
- Customers are advised to check backup statuses and reset passwords to prevent targeted attacks.
Read More: https://www.securityweek.com/state-sponsored-hackers-stole-sonicwall-cloud-backups-in-recent-attack/