US cybersecurity giant Fortinet has confirmed that it suffered a data leak after a threat actor claimed to have stolen 440GB of files from the company’s Microsoft SharePoint servers.
Fortinet is one of the largest cybersecurity companies in the world that sells network security products such as Firewalls, Routers, and VPN devices. The company also offers SIEM solutions, network management, EDR/XDR, as well as consulting services.
As reported by Bleeping Computer, a threat perpetrator posted on a hacking forum that they had stolen 440GB of data from Fortinet’s Azure SharePoint instance. The attacker then shared the credentials to an S3 bucket that claimed to contain the stolen data, so that it could be downloaded by other threat actors.
Indodax Allegedly Suffered Data Leakage, Losses Reached Rp335 Billion Due To Illegal Transactions
The perpetrator of the threat, known as “Fortibitch”, claimed to have tried to blackmail Fortinet into paying a ransom, possibly to prevent the publication of the data. However, Fortinet refused to pay.
In response to questions regarding this incident, Fortinet confirmed that customer data had been stolen from a “third-party cloud-based file drive”.
“An individual gained unauthorized access to a limited number of files stored on Fortinet’s third-party cloud-based file drive instance, which included limited data regarding a small number of Fortinet customers,” a company representative told BleepingComputer.
See Also:
Cybersecurity vulnerability in Indonesia, 69 percent of Data leaks occur in the public sector
Fortinet has not disclosed how many customers have been affected or what type of data has been compromised. However, the company states that they “communicate directly with the customers involved as needed.”
In an update later shared on Fortinet’s official website, it was mentioned that the incident affected less than 0.3% of their customer base and did not result in any malicious activity targeting customers.
The company also confirmed that this incident did not involve data encryption, ransomware attacks, or access to Fortinet’s internal network.
See Also:
Marcus Scharra: AI and PAM the key to Data protection in the Cyber Age
BleepingComputer has contacted Fortinet for additional questions regarding the breach, but has not received a response to date.
In May 2023, a threat actor claimed to have broken into GitHub repositories belonging to Panopta, a company acquired by Fortinet in 2020. The stolen Data was later leaked on a Russian-language hacking forum.