Breaking News: SonicWall Confirms Widespread Data Breach Affecting All Cloud Backup Customers
SonicWall has confirmed that all of its cloud backup customers were affected by a data breach, exposing firewall configuration files of many global businesses. The company initially downplayed the incident, claiming fewer than 5 customers were impacted, but later revealed the true scale of the attack.
Timeline of Events:
In mid-September 2025, SonicWall warned its firewall customers to reset their passwords after unnamed threat actors brute-forced their way into the company's MySonicWall cloud service. The attackers exploited vulnerabilities in the system, gaining access to sensitive configuration files. SonicWall initially estimated that only a small number of customers were affected but later admitted that all users of the MySonicWall cloud backup feature were impacted.
Immediate Impact and Response:
The breach has significant implications for businesses relying on SonicWall's cloud services. The company is urging affected customers to delete backups, rotate secrets, and recreate configurations locally to mitigate potential risks. This includes deleting firewall configuration files, VPN settings, and service credentials stored in the MySonicWall cloud.
Background Context:
MySonicWall allows users to back up their firewall configuration files, including network rules and access policies, VPN configurations, and admin usernames and passwords. The service is designed to provide a secure way for businesses to manage their firewalls remotely. However, the recent breach has raised concerns about the security of SonicWall's cloud infrastructure.
What Happens Next:
As the full extent of the breach becomes clear, affected businesses will need to take immediate action to protect themselves from potential risks. This includes rotating secrets, recreating configurations locally, and implementing additional security measures to prevent targeted network intrusions. SonicWall has promised to provide further guidance and support to its customers as they navigate this complex situation.
Market analysts are warning of a potential economic impact on affected businesses, citing the risk of credential leaks and targeted network intrusions. The incident highlights the ongoing threat of cyberattacks and the need for robust security measures in today's digital landscape.
*This story is developing. Information compiled from TechRadar reporting.*