SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations

The company sent a new preferences file to less than 5% of customers, urging them to import it into firewalls and reset their passwords.

SonicWall has prompted some of its customers to reset their passwords after hackers gained access to their backup firewall preference files.

The compromised backup files, stored in a cloud service, contain encrypted credentials, but additional information they store could enable attackers to target the related firewalls, the company says.

According to SonicWall, less than 5% of its customers were affected and the hackers did not leak the files online, but the risks associated with the breach require immediate action.

“This was not a ransomware or similar event for SonicWall, rather this was a series of brute force attacks aimed at gaining access to the preference files stored in backup for potential further use by threat actors,” the company says.

To address the risk, SonicWall has notified ...