H-ISAC TLP White Threat Bulletin SonicWall MySonicWall Cloud Backup Incident

SonicWall has disclosed a security incident in which threat actors gained unauthorized access to backup firewall preference files stored in its cloud service, MySonicWall.com. Although the credentials within these files were encrypted, they also contained other sensitive configuration data that could significantly facilitate future exploitation of related firewalls.

The incident is not attributed to ransomware activity but rather a series of brute force attacks aimed at gaining access to the preference files. SonicWall has prompted password resets and provided new, updated preference files to help users mitigate the potential impact.

Health-ISAC provides this information to increase situational awareness and encourage users who leverage the cloud backup feature to take immediate action to determine their exposure and mitigate any potential risk.

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

More on John Riggi
Learn more about AHA's Cybersecurity and Risk Advisory Services

Key Resources

Related Resources

Special Bulletin
House Releases Continuing Resolution to Fund Government, Extends Key Health Care Provisions
Member
Advisory
AHA Warns of Targeted Cyber Attacks on Retirement Accounts
Member
Advisory
Ongoing Attack Impacting Microsoft SharePoint Servers Managed on Premises
Public
AHA Center for Health Innovation Market Scan
Microsoft Plan to Help Rural Care Facilities Improve Cybersecurity Gains Traction
Public
Testimony
AHA Statement to Senate HELP Committee on Cybersecurity
Public
Advancing Health Podcast
When Cyberattacks Strike: Is Your Board Ready?
Public