Cyber Security News

SonicWall Confirms State-Sponsored Hackers Behind the Massive Firewall Backup Breach

SonicWall, a global cybersecurity company, confirmed that state-sponsored hackers were behind a recent incident involving unauthorized access to firewall backup files.

The breach began in early September, when the company detected suspicious activity involving the download of backup firewall configuration files stored in a cloud environment.

Upon discovery, SonicWall quickly activated its incident response plan, called in Mandiant, a well-known cybersecurity response firm, and notified partners and customers directly.

The company maintained frequent and transparent communication, hosting live Q&A sessions and providing tools and guidance to help partners respond effectively.

SonicWall also offered commercial concessions to support partners as they worked through remediation steps.

Mandiant Investigation Reveals Cloud-Isolated Attack

Mandiant’s thorough investigation has now concluded. The results show that the attackers, linked to a state-sponsored threat group, used an API call to access cloud backup files stored in a specific cloud environment.

According to the findings, this incident did not relate to the recent global Akira ransomware attacks targeting firewalls and edge devices.

Importantly, SonicWall confirmed that its products, firmware, and other systems, such as source code and customer networks, were not impacted or compromised.

All remediation actions recommended by Mandiant have been implemented, and SonicWall continues to work closely with security experts to strengthen its cloud and network infrastructure further.

The company emphasized that its long-standing focus on security excellence and partner support remains firm. Earlier in the year, SonicWall launched a Secure by Design modernization initiative.

This included updates to product architecture, cloud operations, internal cybersecurity practices, and the appointment of a new Chief Information Officer.

The company also continues to invest in advanced response teams and cutting-edge security tools. SonicWall’s determination to stay ahead is underscored by external validation.

Even as nation-state threat actors increasingly target security vendors, SonicWall is committed to transparency, strong partnerships, and relentless improvement to safeguard its customers and partners worldwide.


Abinaya

Abi is a Security Editor and fellow reporter with Cyber Security News. She covers various cybersecurity incidents happening in cyberspace.
