SonicWall on Tuesday said an investigation found that a state-sponsored threat actor was behind the attacks impacting customers of its MySonicWall cloud backup service.
The company said the attacks against its backup service were unrelated to recent attacks on its edge devices, which security researchers linked to Akira ransomware.
SonicWall president and CEO Bob VanKirk released a six-minute video outlining a series of governance changes that began earlier this year. SonicWall has navigated through a tumultuous 2025, confronting multiple product vulnerabilities and attacks that have raised questions about its security culture.
“Throughout this incident, we have been and remain committed to acting with a sense of urgency and accountability, communicating frequently and transparently and listening to you and learning from this event so that we emerge stronger than before,” VanKirk said in the video address.
SonicWall in September warned of brute force attacks against the MySonicWall service, but at the time claimed that only 5% of customers were impacted. In October, the company admitted that the attack affected all MySonicWall customers.
No SonicWall products or firmware were impacted by the attack. There was no disruption of SonicWall systems, tools, source code or customer networks.
In the video, VanKirk said he has been meeting with customers and partners to provide updates on how the company is responding to this incident and working to address larger concerns about security.
SonicWall has been hosting question-and-answer sessions and providing “commercial concessions” to help customers recover from the costs of dealing with the attack.
In August, SonicWall faced questions related to Akira ransomware attacks against firewall customers, which were originally thought to be linked to a zero-day vulnerability. The company said the attacks were instead related to a prior vulnerability, tracked as CVE-2024-40766.
VanKirk said the company has enacted several changes to improve its governance and security culture, including the adoption of secure-by-design practices, to make sure its products are safe to use out of the box.
