Fortinet Confirms Data Breach Following Claim by Hacker of Having Stolen 440 GB of Files
Overview
The cybersecurity giant Fortinet has confirmed that a data breach has occurred after a threat actor claimed to have stolen 440 GB of files from the company’s Microsoft Sharepoint server. Fortinet is known for its secure network products and services in the field of cybersecurity.
Key Insights
- A threat actor has stolen 440 GB of data from Fortinet’s Azure Sharepoint instance.
- The stolen data was stored in an S3 bucket and made accessible to other threat actors.
- Fortinet has confirmed that customer data was stolen from a “cloud-based shared drive of a third party”.
- Less than 0.3% of Fortinet’s customer base is affected.
- There were no malicious activities targeting customers.
- The incident did not involve data encryption, ransomware, or access to Fortinet’s corporate network.
Details of the Incident
A threat actor calling themselves “Fortibitch” posted in a hacking forum that they had stolen 440 GB of data from Fortinet’s Azure Sharepoint instance. The threat actor then shared credentials to an alleged S3 bucket where the stolen data is stored, allowing other threat actors to download it.
Fortinet confirmed that an “individual gained unauthorised access to a limited number of files on Fortinet’s instance of a cloud-based shared drive of a third party, which contained limited data relating to a small number of Fortinet customers”.
Fortinet's Response
Fortinet has not disclosed how many customers are affected or what type of data was compromised, but stated that it has “communicated directly with the affected customers”. A later update on Fortinet’s website states that the incident has affected less than 0.3% of the customer base and that there were no malicious activities targeting customers.
Previous Incidents
In May 2023, a threat actor claimed to have hacked the GitHub repositories of the company Panopta, which was acquired by Fortinet in 2020, and published stolen data in a Russian-speaking hacking forum.
Sources
- Fortinet confirms data breach after hacker claims to steal 440GB of files, BleepingComputer.