Sophos

UK-based cyber-security vendor Sophos suffered from a security breach on November 2020.

An access permission problem was discovered in a mechanism that Sophos uses to keep track of clients who have contacted Sophos Support.

Customer-first and last names, email addresses, and phone numbers were among the details exposed.

According to Sophos, the configuration error was discovered by a security researcher, and the problem was immediately addressed.

Source: https://www.zdnet.com/article/sophos-notifies-customers-of-data-exposure-after-database-misconfiguration/?web_view=true

"id": "SOP141111623",
"linkid": "sophos",
"type": "Breach",
"date": "11/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"