Type
Incident
Actors
Pub. date
September 25, 2025
Initial access
Password attack
Impact
Data exfiltration
Observed techniques
Targeted technologies
Status
Finalized
Last edited
Sep 30, 2025 1:25 PM
SonicWall has disclosed a security incident affecting its MySonicWall cloud backup service. Threat actors conducted brute force attacks on the MySonicWall.com portal and gained unauthorized access to a subset of firewall preference files. While fewer than 5% of firewall installations were impacted and sensitive credentials remain strongly encrypted, configuration details contained in the files were only encoded, potentially providing attackers with useful intelligence for targeting associated firewall devices. According to SonicWall, no evidence currently suggests that the files have been leaked online, and the event was not ransomware-related.