Skip to main content
close search
site logo

SonicWall customers warned about brute force attacks against cloud backup service

Hackers have gained access to key information that could help exploit firewalls.

Published Sept. 23, 2025
David Jones's headshot
Reporter
Fingers hover over a computer keyboard with numbers on a screen, against a shadowy backdrop.
jariyawat thinsandee via Getty Images

Hackers are conducting brute force attacks against the MySonicWall.com portal in order to access the company’s cloud backup service for firewalls, SonicWall and federal authorities warned in advisories released Monday.

SonicWall said its investigation found that hackers gained access to 5% of backup firewall preference files. The company warned that while credentials inside the files were encrypted, the files contained other information that could help attackers exploit the firewall, according to the advisory.  

SonicWall also released a video explaining the scope of the incident. 

In an advisory on Monday, the Cybersecurity and Infrastructure Security Agency urged customers to log into their accounts to determine whether their devices are at risk. 

SonicWall last week began an investigation related to the exposure of firewall configuration backup files, according to researchers at Arctic Wolf

SonicWall terminated an “unauthorized backup point” and began working with multiple cybersecurity firms and law enforcement agencies to figure out the extent of the damage. 

Researchers urged users to reset their stored credentials. 

Firewall configuration files contain sensitive information, including user, group DNS and log settings. Researchers said that nation-state hackers and ransomware groups previously have exploited such information to conduct subsequent attacks. 

Filed Under: Breaches, Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
Migliaccio & Rathod LLP Investigates Cornwell Quality Tools Data Breach Affecting Over 100,000…
From Migliaccio & Rathod LLP
September 09, 2025
Newsblaze Rankings: 11 Cybersecurity Founders You Should Pay Attention To
From Newsblaze, Tech Staff
September 15, 2025
ThreatHunter.ai Calls Out the Second MFA Lie: “Compliance Says MFA = Job Done”
From ThreatHunter.ai
September 12, 2025
Genians USA Elevates Computer Integration Technologies, Inc. (CIT) to Gold Partner Status
From Genians
September 19, 2025
Genians logo
Editors' picks
Latest in Breaches
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.