Cybersecurity large Fortinet has confirmed it suffered an information breach after a risk actor claimed to steal 440GB of recordsdata from the corporate’s Microsoft Sharepoint server.
Fortinet is without doubt one of the largest cybersecurity firms on this planet, promoting safe networking merchandise like firewalls, routers, and VPN units. The corporate additionally provides SIEM, community administration, and EDR/XDR options, in addition to consulting companies.
Early this morning, a risk actor posted to a hacking discussion board that they’d stolen 440GB of information from Fortinet’s Azure Sharepoint occasion. The risk actor then shared credentials to an alleged S3 bucket the place the stolen knowledge is saved for different risk actors to obtain.
BleepingComputer has not accessed this storage bucket to substantiate if it accommodates Fortinet’s stolen recordsdata.
The risk actor, often called “Fortibitch,” claims to have tried to extort Fortinet into paying a ransom, prone to forestall the publishing of information, however the firm refused to pay.
In response to our questions on incident, Fortinet confirmed that buyer knowledge was stolen from a “third-party cloud-based shared file drive.”
“A person gained unauthorized entry to a restricted variety of recordsdata saved on Fortinet’s occasion of a third-party cloud-based shared file drive, which included restricted knowledge associated to a small variety of Fortinet clients,” the corporate advised BleepingComputer.
Earlier at this time, Fortinet didn’t disclose what number of clients are impacted or what sort of knowledge has been compromised however mentioned that it “communicated instantly with clients as applicable.”
A later replace shared on Fortinet’s web site says that the incident affected lower than 0.3% of its buyer base and that it has not resulted in any malicious exercise concentrating on clients.
The cybersecurity firm additionally confirmed that the incident didn’t contain any knowledge encryption, ransomware, or entry to Fortinet’s company community.
BleepingComputer contacted Fortinet with extra questions concerning the breach however has not acquired a reply presently.
In Might 2023, a risk actor claimed to have breached the GitHub repositories for the corporate Panopta, who was acquired by Fortinet in 2020, and leaked stolen knowledge on a Russian-speaking hacking discussion board.
Replace 9/12/24: Added up to date info Fortinet.