Sophos Breach Tied to Partner Portal

April 6, 2012 by Jon Callas

Security Week reports, in “Sophos Kills Partner Portal After Suffering Breach,” that the security firm Sophos has disabled its partner portal after discovering a breach.

They aren’t saying much yet — kudos to them for their disclosure and response — but they think that the breach came from an older part of their portal, and not their new one hosted by SFDC. They expect the portal to come back after this week’s holidays.

I recommend two-factor authentication as a big help. I know a company that has a wide range of options including soft tokens that can run on smartphones. They got a perfect score from SC Magazine, are a price leader, and also won their award for Best Multifactor Authentication.

(Full disclosure — I work for them.)

Jon Callas


Jon Callas has over 30 years of experience and served as Entrust’s Chief Technology Officer. Prior to joining Entrust, Callas co-founded PGP Corporation which specialized in email and data encryption software. Over the course of more than fifteen years, Callas held leadership functions including CTO and CSO. Most recently, he also served as an operating system security expert with Apple. Additionally, he has held leadership positions with corporations including Wave Systems Corporation, Digital Equipment Corporation and Counterpane Internet Security Inc. He has also authored several Internet Engineering Task Force (IETF) standards including OpenPGP, DKIM, and ZRTP.

2 thoughts on “Sophos Breach Tied to Partner Portal”

  1. Chris

    Winner against what competition? Looks like it has no protection against phishing or man-in-the-middle attacks (e.g., malicious free wifi) or MitB malware, or basically, looks useless for today's internet.

    1. Geoff Blaine, Entrust Inc.

      The current version of Entrust IdentityGuard is designed specifically for “today’s Internet” to defend against threats such as MITB and MITM. As an example, the platform establishes a secure channel (TLS) between the Web application and mobile device to create a secure out-of-band channel to thwart any type of MITM or MITB attack. The post in question is more than 18 months old, but you’re correct in stating it’s a fast-moving industry and threat vectors are dynamic and sophisticated. While the human element is always the weakest link in defending against concerns like phishing, mobile device certificates and authenticated VPN sessions are necessary to protect from threats like malicious Wi-Fi. Your concern perfectly shows how far the threat landscape has evolved in just 18 months.

