UK-based cyber-security vendor Sophos suffered from a security breach on November 2020.
An access permission problem was discovered in a mechanism that Sophos uses to keep track of clients who have contacted Sophos Support.
Customer-first and last names, email addresses, and phone numbers were among the details exposed.
According to Sophos, the configuration error was discovered by a security researcher, and the problem was immediately addressed.
"id": "SOP141111623",
"linkid": "sophos",
"type": "Breach",
"date": "11/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"