Security News > 2024 > September > Fortinet confirms data breach after hacker claims to steal 440GB of files
Fortinet, a leading cybersecurity company, has confirmed a data breach after a threat actor, using the alias "Fortibitch," claimed to have stolen 440GB of data from its Microsoft SharePoint server hosted on Azure. Fortinet provides secure networking products like firewalls, routers, and VPNs, alongside services like SIEM, EDR/XDR, and consulting. The breach was first reported on a hacking forum, where the attacker shared credentials to an S3 bucket allegedly containing the stolen files. While the threat actor attempted to extort Fortinet, the company refused to pay the ransom.
Fortinet has acknowledged that a limited amount of customer data was stolen from a third-party cloud-based file drive. However, the company did not disclose the exact number of customers affected or the type of compromised data. Fortinet later updated its website, clarifying that less than 0.3% of its customer base was impacted and that no malicious activity had been directed toward these customers as a result of the breach. Additionally, Fortinet assured that the incident did not involve ransomware, data encryption, or unauthorized access to its corporate network.
This breach follows a similar incident in May 2023, when a threat actor claimed to have accessed Fortinet's Panopta GitHub repositories and leaked data on a Russian-speaking hacking forum. Fortinet has communicated with affected customers but has not provided further details about the breach in response to follow-up inquiries.
News URL
Related news
- Dell investigates data breach claims after hacker leaks employee info (source)
- Optus and Medibank Data Breach Cases Allege Cyber Security Failures (source)
- Hackers breach ISP to poison software updates with malware (source)
- ADT confirms data breach after customer info leaked on hacking forum (source)
- CSC ServiceWorks discloses data breach after 2023 cyberattack (source)
- How to Prevent Your First AI Data Breach (source)
- Toyota confirms third-party data breach impacting customers (source)
- National Public Data Breach: Only 134 Million Unique Emails Leaked and Company Acknowledges Incident (source)
- CannonDesign confirms Avos Locker ransomware data breach (source)
- Patelco notifies 726,000 customers of ransomware data breach (source)