SonicWall disclosed Wednesday that an unauthorized person had accessed the firewall configuration backup files of all customers using its cloud backup service.
“The files contain encrypted credentials and configuration data. While encryption is maintained, possession of these files may increase the risk of targeted attacks,” the company said.
It also said it is working to notify all partners and customers, adding that it has released tools to help assess and remediate devices. The company is also asking users to log in and verify their devices.
This development comes weeks after SonicWall urged customers to perform a credential reset after a security breach affecting MySonicWall accounts exposed firewall configuration backup files.
The list of affected devices available on the MySonicWall portal is assigned a priority level to help customers prioritize remediation efforts. The label is –
Active – High Priority: Devices with Internet Connectivity Service enabled Active – Low Priority: Devices without Internet Connectivity Service Inactive: Devices that have not pinged home in 90 days
The company previously said the attackers accessed less than 5% of its customers’ backup firewall configuration files stored in the cloud, and stressed that while the credentials in those files are encrypted, they also contain “information that could make it easier for an attacker to potentially exploit the associated firewall.”
Users are advised to immediately follow the steps below.
Log in to your MySonicWall.com account and check if a cloud backup exists for your registered firewall. If the field is blank, it has no effect. If the field includes backup details, check to see if the affected serial number is listed in your account. If a serial number is displayed, users should follow the listed firewall containment and remediation guidelines.
SonicWall said it will provide additional guidance in the coming days if customers are using the cloud backup feature and are not seeing a serial number or only seeing a portion of their registered serial number.
Source link
