Sophos security breach exposes customer support records

“An access permission issue in a tool used to store information on customers”

Graham Cluley

Well, this is awkward.

Security firm Sophos is contacting “a small subset” of its customers warning that their details have been exposed following a breach in security.

Sophos says that it was “advised” (it doesn’t say by whom, but one assumes a security researcher) that a tool it uses to store information on customers who have contacted its technical support department was suffering from “an access permission issue”.

In other words, the data was accessible by unauthorised parties.

Sophos isn’t sharing how many customers had their data exposed, but in an email to affected users it says the following information was exposed:

  • First name
  • Last name
  • Email address
  • Contact phone number

Such information could, of course, be exploited by criminals if it fell into their hands. It’s easy to imagine how a fraudster could, for instance, create a targeted attack against a company disguised as a response from Sophos’s customer support department.

Here’s an example of the email Sophos is sending affected customers, informing them of the security breach:

[Image: the Sophos notification email]

You can’t help but wonder whether Sophos is declining to say how many customers were affected because it worries that detail might just fuel more headlines in the security press.

Sophos says that the data is no longer exposed, which is obviously good – but doesn’t help if the data has already been scooped up by someone with malicious intent.

There is no word in its email to customers as to whether Sophos has informed the Information Commissioner’s Office of the security breach, but it does say that it is implementing controls in an attempt to prevent similar incidents happening again in future.

Remember folks, if a security company like Sophos can suffer a data breach like this then it could potentially happen to any organisation. No one is immune from screw-ups.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “Sophos security breach exposes customer support records”

  1. Marnix van Meer

    Excellent post on this breach. Every breach should be a lesson for all of us. Can’t think of any positive public reason not to reveal more details as a breached company. And now no one can learn from their fault.

  2. Paranoid Canuck

    "doesn’t help if the data has already been scooped up by someone with malicious intent"

    Akin to "Closing the barn door after the cattle have been stolen" and saying nothing about it.
