Specialists at the security firm Sophos have informed some of their customers about a data exposure incident that resulted from a security breach discovered this Tuesday. User data was lost due to a misconfiguration of a tool used by the company to store user information.
In a statement, the company pointed out some details of the attack: On November 24th, we were informed of an unauthorized access problem in a tool that is used to store information about customers who have contacted the support area. As a result of the attack, some data was lost on a small number of customers.
Sophos has not disclosed who discovered the bug in this tool or how many users are affected. The information at risk includes details such as users’ full names, email addresses, and phone numbers, if shared with Sophos.
The security firm also mentioned that the incident has already been fully defused: privacy and customer safety are always our priority. We contact all affected customers. We are also implementing additional measures to ensure that access permission settings are continuously secure, added Sophos.
Copyright © Grupo Edefa SA Reproduction, in whole or in part, of this article is prohibited without the prior authorization of the publisher.