Exploit: Misconfiguration
Sophos: Cybersecurity Provider
Risk to Small Business: 2.336 = Severe A misconfigured database with access permission issues is to blame for the exposure of client data at Sophos. The company stated that the exposed database was used to store information on customers who have contacted Sophos Support. This is the second major security incident Sophos has dealt with this year.
Individual Risk: 2.772 = Moderate The database did not contain any sensitive information. Sophos disclosed that the exposed information included details such as customer first and last names, email addresses, and phone numbers. Clients should be alert to potential spear phishing risk using this data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Nocomany can avoid occasional problems like this, whether they’re caused by malfunctioning software or an employee misclick. Putting extra layers of security in place helps mitigate the damage of these troublesome security incidents.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
