Fortinet data breach led to the heist of 440GB of files

September 16, 2024

The Fortinet data breach resulted in the theft of 440GB of files after threat actors compromised the firm’s Microsoft SharePoint server.

Fortinet is a cybersecurity firm that offers secure networking solutions such as firewalls, routers, and VPN devices, and this latest incident could significantly impact its reputation. Sales might also suffer, as the company provides SIEM, network management, EDR/XDR solutions, and consultancy services as well.

A threat actor named Fortibitch has claimed responsibility for the Fortinet data breach.

A malicious entity dubbed Fortibitch announced on a hacker forum that it had stolen 440GB of files during the Fortinet data breach incident. Moreover, this threat actor released credentials for a purported S3 bucket containing stolen data as proof of the legitimacy of its claim.

Other threat actors could also download the company’s stored information from this leaked S3 bucket. However, the server hosting the stolen data is currently down, though Fortibitch has offered to share the stolen files through alternative methods.

Additionally, Fortibitch claims to have attempted to pressure Fortinet into paying a ransom, most likely to prevent a data leak, but the business refused to comply with its demands. For its part, Fortinet verified in response to the latest inquiry that the stolen data came from its third-party cloud-based shared file drive.

The company explained that an individual acquired unauthorised access to a small number of files on the company’s instance of a third-party cloud-based shared storage drive. However, the compromised storage drive includes restricted information about many Fortinet customers.

Fortinet would not disclose how many customers the data breach has impacted or what type of data was exposed, but did reveal that it had already contacted the affected customers.

According to a later update on Fortinet’s website, the issue affected less than 0.3% of its customer base and did not result in malicious activities directed toward customers.

The cybersecurity firm also insisted that the incident did not involve data encryption, ransomware, or Fortinet’s corporate network access.

As of now, the data breach remains shrouded in mystery, since its nature is still under investigation. Customers of the affected firm should be on the lookout, as they could be among the alleged 0.3% impacted.
