SonicWall Breach: When Firewalls Need a Firewall!

SonicWall has revealed that a state-sponsored threat actor was behind the September hack where firewall configuration files were swiped from its cloud backup service. The stolen files contain encrypted credentials, posing a risk for targeted attacks. SonicWall customers are advised to immediately secure their devices.

3P
Published: November 6, 2025 9:51 amAdded: November 6, 2025 at 2:07 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like SonicWall just got a not-so-sonic reality check! When your firewall is breached by a state-sponsored threat actor, it’s time to hit the reset button – literally, on all your passwords. Who knew the cloud could rain on your parade with a drizzle of encrypted credentials?

Key Points:

– SonicWall confirmed a state-sponsored threat actor was behind the September hack.
– Initially, less than 5% of customers’ data was reported stolen; this was later revised to all firewall preference files.
– The stolen files contain encrypted credentials and configuration data.
– SonicWall’s investigation, conducted with Mandiant, is complete and remediation actions are underway.
– Customers are advised to check firewall backups and reset passwords to mitigate risk.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?