Oct 09, 2025Ravie LakshmananCloud Safety / Community Safety
SonicWall on Wednesday disclosed that an unauthorized get together accessed firewall configuration backup recordsdata for all clients who’ve used the cloud backup service.
“The recordsdata include encrypted credentials and configuration knowledge; whereas encryption stays in place, possession of those recordsdata might improve the chance of focused assaults,” the corporate stated.
It additionally famous that it is working to inform all companions and clients, including it has launched instruments to help with gadget evaluation and remediation. The corporate can be urging customers to log in and verify for his or her gadgets.
The event comes a few weeks after SonicWall urged clients to carry out a credential reset after their firewall configuration backup recordsdata had been uncovered in a safety breach impacting MySonicWall accounts.
The checklist of impacted gadgets accessible on the MySonicWall portal has been assigned a precedence degree to assist clients prioritize remediation efforts. The labels are as follows –
Energetic – Excessive Precedence: Units with internet-facing companies enabled
Energetic – Decrease Precedence: Units with out internet-facing companies
Inactive: Units that haven’t pinged dwelling for 90 days
It beforehand acknowledged that the risk actors accessed backup firewall choice recordsdata saved within the cloud for lower than 5% of its clients, whereas emphasizing that the credentials inside these recordsdata had been encrypted however that in addition they included “data that would make it simpler for attackers to doubtlessly exploit the associated firewall.”
Customers are suggested to observe the steps beneath with speedy impact –
Log in to MySonicWall.com account and confirm if cloud backups exist for registered firewalls
If fields are clean, there is no such thing as a impression
If fields include backup particulars, confirm whether or not impacted serial numbers are listed within the account
If Serial Numbers are proven, customers ought to observe the containment and remediation pointers for the listed firewalls
SonicWall stated in instances the place clients have used the Cloud Backup function however no Serial Numbers are proven or solely among the registered Serial Numbers are displayed, it should present extra steerage in coming days.
