Last month, we received an alert from SonicWall about potential network compromises affecting some businesses due to a zero-day exploit (an unknown vulnerability) in their systems. However, it was later determined that the issue was not related to a zero-day vulnerability but rather caused by admin configuration errors.
To ensure maximum security, we proactively implemented whitelist-only access for VPN and administrative functions. We kept these measures in place even after the initial concerns were cleared up.
On September 17th, 2025, SonicWall announced a new security breach: one of their online databases containing device backup files was compromised by hackers. As a result, they are now advising all customers to enforce whitelist-only access for VPN and admin access and to reset all user VPN passwords.
While we already have many of the recommended security settings in place, there are additional updates we are required to implement. You can find more details here: Essential Credential Reset Guide
We understand that these measures may cause inconvenience, and we greatly appreciate your patience as we implement the necessary changes. Most updates will occur after hours and will not disrupt your daily operations; however, there are some changes that will impact users:
VPN Passwords: We will be resetting all VPN passwords.
Wi-Fi Password: If you are using SonicWall access points, we will need to update your Wi-Fi password.
As of now, none of our clients’ devices appear in the list of compromised systems (fewer than 5% of devices are affected). Nevertheless, we are taking these precautionary steps to ensure continued security, and we thank you for your understanding and cooperation.
If you have any questions or concerns, feel free to reach out to us at (305) 433-6663