Sophos has notified customers that data has potentially been leaked online mainly due to a misconfigured database.
The UK based Cyber Security Company said it was alerted to the misconfiguration by a security researcher, and that it fixed the issue immediately.
But despite the timely action, there was still a “small subset” of the company’s customers were affected with first and last names, email addresses and phone numbers thought to have been accessed. Earlier this week Sophos started emailing those customers thought to have been affected.
As seen by ZDNet, “On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support,” an email to customers read.
It further added that additional safeguards had now been implemented to ensure access permission settings can’t be exploited in the future.
1,100 total views, 1 views today