Priya PatelTLDR:
Fortinet confirmed a data breach that compromised 440GB of customer data on a third-party cloud-shared drive. The breach did not involve data encryption, ransomware, or access to Fortinet’s corporate network. An individual gained unauthorized access to limited customer files, and the stolen data was offered for download on the dark web. Fortinet reassured customers of minimal disruption and initiated an investigation to terminate the unauthorized access.
Article Summary:
Fortinet has confirmed a data breach where 440GB of Azure SharePoint files containing customer data were compromised. An unauthorized individual gained access to limited customer files on a third-party cloud-based drive. The stolen data was offered for download on the dark web after Fortinet declined a ransom demand. Fortinet assured minimal disruption to its operations and initiated an investigation to address the breach.
The company reached out to customers to help with risk mitigation plans and stated that there was no evidence of malicious activity affecting customers. The breach did not impact Fortinet’s products or services. While the exact type and size of data breached were not publicly confirmed, Fortinet said it terminated the unauthorized access successfully. Questions regarding the breach and ransomware claims from the dark web remained unanswered.
The hacker, known as “Fortibitch,” claimed access to data from an open Amazon S3 bucket and made it public after Fortinet refused to pay the ransom. The hacker criticized Fortinet for not filing an SEC form detailing the loss from the incident. Fortinet had faced previous security incidents this year, including nation-state exploitation of critical vulnerabilities.
