Microsoft has today announced a data breach that affected one of its customer databases.
The blog article, entitled Access Misconfiguration for Customer Support Databases, admits that between 05 December 2019 and 31 December 2019, a database used for “support case analytics” was effectively visible from the cloud to the world.
Microsoft didn’t give details of how big the database was. However, consumer website Comparitech, which says it discovered the unsecured data online, claims it was to the order of 250 million records containing:
…logs of conversations between Microsoft support agents and customers from all over the world, spanning a 14-year period from 2005 to December 2019.
According to Comparitech, that same data was accessible on five Elasticsearch servers.
The company informed Microsoft, and Microsoft quickly secured the data.
Microsoft’s official statement states that “the vast majority of records were cleared of personal information,” meaning that it used automated tools to look for and remove private data.
However, some private data that was supposed to be redacted was missed and remained visible in the exposed information.
Microsoft didn’t say what type of personal information was involved, or which data fields ended up un-anonymised.
It did, however, give one example of data that would have been left behind: email addresses with spaces added by mistake were not recognised as personal data and therefore escaped anonymisation.
So if your email address were recorded as “name@example.com” your data would have been converted into a harmless form, whereas “name[space]@example.com” (an easy mistake for a support staffer to make when capturing data) would have been left alone.
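The failure mode described above, as an added example (not Microsoft's tooling, which the article does not describe): a strict email pattern misses an address with a stray space, a whitespace-tolerant pattern catches it, and a residual check flags any line that still contains "@" after redaction. The patterns, the placeholder token and the sample log lines are constructed for illustration.

```python
import re

PLACEHOLDER = "[REDACTED_EMAIL]"  # hypothetical replacement token

# Strict pattern (assumed): local part, "@" and domain must be contiguous.
STRICT_EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

# Tolerant pattern: also accepts stray spaces or tabs on either side of "@".
LOOSE_EMAIL = re.compile(
    r"[A-Za-z0-9._%+-]+[ \t]*@[ \t]*[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+"
)

# Constructed sample records, not real support data.
SAMPLE = [
    "Customer name@example.com reports sync failure",
    "Customer name @example.com reports sync failure",  # space typed by mistake
    "Callback address: name@ example .com",             # mangled beyond both patterns
    "No contact details recorded",
]


def redact(text, pattern):
    """Replace every match of `pattern` with the placeholder."""
    return pattern.sub(PLACEHOLDER, text)


def leftover_lines(lines, pattern):
    """Return the original lines that still contain '@' after redaction.

    This is a fail-closed audit: anything the pattern could not classify
    is held back for manual review instead of being published as clean.
    """
    return [line for line in lines if "@" in redact(line, pattern)]


if __name__ == "__main__":
    for name, pattern in (("strict", STRICT_EMAIL), ("loose", LOOSE_EMAIL)):
        print(name, "->", [redact(line, pattern) for line in SAMPLE])
        print(name, "needs review ->", leftover_lines(SAMPLE, pattern))
```

The residual check matters more than the wider pattern: no regular expression anticipates every typing mistake, so records that still look address-like after redaction should be quarantined, not released.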
Microsoft has promised to notify anyone whose data was inadvertently exposed in this way, but didn’t say what percentage of all records were affected.
What to do?
We don’t know how many people were affected or exactly what personal data was opened up for those users.
We also don’t know who else, besides Comparitech, may have noticed in the three weeks it was exposed, although Microsoft says that it “found no malicious use”.
We assume that if you don’t hear from Microsoft, even if you did contact support during the 2005 to 2019 period, then either your data wasn’t in the exposed database, or there wasn’t actually enough in the leaked database to allow anyone, including Microsoft itself, to identify you.
It’s nevertheless possible that crooks will contact you claiming that you *were* in the breach.
They might urge you to take steps to “fix” the problem, such as clicking on a link and logging in “for security reasons”, or to “confirm your account”, or on some other pretext.
Remember: if ever you receive a security alert email, whether you think it is legitimate or not, avoid clicking on any links, calling any numbers or taking any online actions demanded in the email.
Find your own way to the site where you would usually log in, and stay one step ahead of phishing emails!
|Founded|1985; 36 years ago|
|Revenue|$640.7 million (2018)|
||US$46.9 million (2018)|
||US$66.3 million (2018)|
|Number of employees||
Sophos Group plc is a British security software and hardware company. Sophos develops products for communication endpoint, encryption, network security, email security, mobile security and unified threat management. Sophos is primarily focused on providing security software to 100- to 5,000-seat organizations. While not a primary focus, Sophos also protects home users, through free and paid antivirus solutions (Sophos Home/Home Premium) intended to demonstrate product functionality. It was listed on the London Stock Exchange until it was acquired by Thoma Bravo in February 2020.
Sophos was founded by Jan Hruska and Peter Lammer and began producing its first antivirus and encryption products in 1985. During the late 1980s and into the 1990s, Sophos primarily developed and sold a range of security technologies in the UK, including encryption tools available for most users (private or business). In the late 1990s, Sophos concentrated its efforts on the development and sale of antivirus technology, and embarked on a program of international expansion.
In 2003, Sophos acquired ActiveState, a North American software company that developed anti-spam software. At that time viruses were being spread primarily through email spam and this allowed Sophos to produce a combined anti-spam and antivirus solution. In 2006, Peter Gyenes and Steve Munford were named chairman and CEO of Sophos, respectively. Jan Hruska and Peter Lammer remain as members of the board of directors. In 2010, the majority interest of Sophos was sold to Apax. In 2010, Nick Bray, formerly Group CFO at Micro Focus International, was named CFO of Sophos.
In 2011, Utimaco Safeware AG (acquired by Sophos in 2008–9) was accused of supplying data monitoring and tracking software to partners that had sold to governments such as Syria: Sophos issued a statement of apology and confirmed that it had suspended its relationship with the partners in question and launched an investigation. In 2012, Kris Hagerman, formerly CEO at Corel Corporation, was named CEO of Sophos and joined the company's board. Former CEO Steve Munford became non-executive chairman of the board. In February 2014, Sophos announced that it had acquired Cyberoam Technologies, a provider of network security products. In June 2015, Sophos announced plans to raise US$100 million on the London Stock Exchange. Sophos was floated on the FTSE in September 2015.
On 14 October 2019 Sophos announced that Thoma Bravo, a US-based private equity firm, made an offer to acquire Sophos for US$7.40 per share, representing an enterprise value of approximately $3.9 billion. The board of directors of Sophos stated their intention to unanimously recommend the offer to the company's shareholders. On 2 March 2020 Sophos announced the completion of the acquisition.
Acquisitions and partnerships
From September 2003 to February 2006, Sophos served as the parent company of ActiveState, a developer of programming tools for dynamic programming languages: in February 2006, ActiveState became an independent company when it was sold to Vancouver-based venture capitalist firm Pender Financial. In 2007, Sophos acquired ENDFORCE, a company based in Ohio, United States, which developed and sold security policy compliance and Network Access Control (NAC) software. In November 2016, Sophos acquired Barricade, a pioneering start-up with a powerful behavior-based analytics engine built on machine learning techniques, to strengthen synchronized security capabilities and next-generation network and endpoint protection. In February 2017, Sophos acquired Invincea, a software company that provides malware threat detection, prevention, and pre-breach forensic intelligence.
In March 2020, Thoma Bravo acquired Sophos for $3.9 billion.