Cybersecurity big Fortinet has confirmed it suffered a knowledge breach after a menace actor claimed to steal 440GB of recordsdata from the corporate’s Microsoft Sharepoint server.
Fortinet is without doubt one of the largest cybersecurity firms on this planet, promoting safe networking merchandise like firewalls, routers, and VPN gadgets. The corporate additionally presents SIEM, community administration, and EDR/XDR options, in addition to consulting providers.
Early this morning, a menace actor posted to a hacking discussion board that they’d stolen 440GB of knowledge from Fortinet’s Azure Sharepoint occasion. The menace actor then shared credentials to an alleged S3 bucket the place the stolen knowledge is saved for different menace actors to obtain.
BleepingComputer has not accessed this storage bucket to substantiate if it incorporates Fortinet’s stolen recordsdata.
The menace actor, often called “Fortibitch,” claims to have tried to extort Fortinet into paying a ransom, prone to forestall the publishing of knowledge, however the firm refused to pay.
In response to our questions on incident, Fortinet confirmed that buyer knowledge was stolen from a “third-party cloud-based shared file drive.”
“A person gained unauthorized entry to a restricted variety of recordsdata saved on Fortinet’s occasion of a third-party cloud-based shared file drive, which included restricted knowledge associated to a small variety of Fortinet clients,” the corporate instructed BleepingComputer.
Earlier right now, Fortinet didn’t disclose what number of clients are impacted or what sort of knowledge has been compromised however mentioned that it “communicated instantly with clients as applicable.”
A later replace shared on Fortinet’s web site says that the incident affected lower than 0.3% of its buyer base and that it has not resulted in any malicious exercise concentrating on clients.
The cybersecurity firm additionally confirmed that the incident didn’t contain any knowledge encryption, ransomware, or entry to Fortinet’s company community.
BleepingComputer contacted Fortinet with extra questions in regards to the breach however has not acquired a reply presently.
In Could 2023, a menace actor claimed to have breached the GitHub repositories for the corporate Panopta, who was acquired by Fortinet in 2020, and leaked stolen knowledge on a Russian-speaking hacking discussion board.
Replace 9/12/24: Added up to date info Fortinet.