State-Sponsored Hackers Stole SonicWall Cloud Backups in Recent Attack
The threat actor stole the firewall configuration files of all SonicWall customers who used the cloud backup service. The post State-Sponsored Hackers Stole SonicWall Cloud Backups in Recent Attack appeared first on SecurityWeek.
SonicWall this week revealed that a state-sponsored threat actor was behind the September hack in which firewall configuration files were stolen from its cloud backup service.
The company disclosed the incident in mid-September, saying that the attackers had exfiltrated the backup files of less than 5% of its customers.
In an October 8 update, SonicWall revised that number, saying that all firewall preference files stored using its cloud backup service were stolen.
Source: https://www.securityweek.com/state-sponsored-hackers-stole-sonicwall-cloud-backups-in-recent-attack/
Related breach coverage
- Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure2026-03-26
The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage. The post Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure appeared first on SecurityWeek.
- Notepad++ Supply Chain Hack Conducted by China via Hosting Provider2026-02-02
The likely state-sponsored threat actor had access to the hosting provider for months and targeted only certain Notepad++ customers. The post Notepad++ Supply Chain Hack Conducted by China via Hosting Provider appeared first on SecurityWeek.
- SonicWall says state-sponsored hackers behind September security breach2025-11-05
SonicWall's investigation into the September security breach that exposed customers' firewall configuration backup files concludes that state-sponsored hackers were behind the attack. [...]
- SonicWall blames state-sponsored hackers for September security breach2025-11-05
Cybersecurity firm SonicWall attributed the September security breach exposing firewall configuration files to state-sponsored hackers. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts were exposed. The company announced it had blocked attackers’ access and was working with cybersecurity experts and law enforcement agencies to determine the scope […]