SonicWall Blames Nation-State for Customer Portal Breach

State-sponsored attack on SonicWall breaches firewall backups, affecting cloud customers and exposing sensitive data.

By Content Team

Nov 6, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

SonicWall confirmed a state-sponsored attacker breached its customer portal and stole firewall configuration files from every customer using the company's cloud backup service. CEO Bob VanKirk said the attack was contained to the backup system, but security experts warn the stolen files contain sensitive data like encrypted credentials and firewall rules.

The company initially downplayed the breach's scope, claiming it affected less than 5% of customers before walking back that assessment. Critical details remain unclear, including the exact number of impacted customers and how long attackers had access. SonicWall detected suspicious activity in September but hasn't disclosed which nation was responsible.

Source: CyberScoop

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Carnival Cruise Hit by Data Breach Exposing Customer and Employee Information

Mar 19, 2026

Adobe Patches Zero-Day Vulnerability Exploited for Months

Apr 14, 2026

Hackers Poison Trivy Scanner Tags to Steal Credentials from 10,000+ CI/CD Pipelines

Mar 22, 2026

Hackers Threaten Rockstar Games Over Grand Theft Auto VI Data Breach

Apr 14, 2026