{"id":236,"date":"2024-09-13T12:38:38","date_gmt":"2024-09-13T12:38:38","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=236"},"modified":"2024-09-13T12:38:38","modified_gmt":"2024-09-13T12:38:38","slug":"fortinet-confirms-breach-that-likely-leaked-440gb-of-customer-data","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=236","title":{"rendered":"Fortinet confirms breach that likely leaked 440GB of customer data"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

Fortinet has confirmed a data breach that has allegedly compromised 440GB of Azure SharePoint files containing Fortinet customer data.<\/p>\n

The company, in a Thursday blog<\/a>, said it suffered a security breach that has compromised a \u201climited\u201d number of customer files without involving any data encryption, deployment of ransomware, or access to Fortinet\u2019s corporate network.<\/p>\n

\u201cAn individual gained unauthorized access to a limited number of files stored on Fortinet\u2019s instance of a third-party cloud-based shared file drive, which included limited data related to a small number (less than 0.3%) of Fortinet customers,\u201d Fortinet said.<\/p>\n

Someone using the moniker \u201cFortibitch\u201d, meanwhile, offered<\/a> the stolen data for download on the dark web after Fortinet allegedly declined a ransom demand from them.<\/p>\n

Fortinet assures minimal disruption<\/h2>\n

There has been no indication that the incident resulted in malicious activity affecting any customers, Fortinet said in the blog. \u201cFortinet\u2019s\u00a0operations, products, and services have not been impacted, and we have identified no evidence of additional access to any other Fortinet resource.\u201d<\/p>\n

Although the blog was posted hours after the alleged dumping of stolen data on the dark web, Fortinet said it immediately reached out to customers and helped them with the risk mitigation plans.<\/p>\n

\u201cGiven the limited nature of the incident, we have not experienced, and do not currently believe that the incident is reasonably likely to have, a material impact to our financial condition or operating results,\u201d the cybersecurity giant added. The company also said that it initiated an investigation and has now successfully terminated the unauthorized access.<\/p>\n

Fortinet is yet to publicly confirm the type and size of data breached in the incident. Questions emailed to Fortinet regarding the validity of Fortibitch\u2019s ransomware<\/a> claims and additional details on the breach remained unanswered till the publishing of this article.<\/p>\n

Failed negotiations<\/h2>\n

Fortibitch, in their claim on the dark web, said they were able to access Azure SharePoint data from an open Amazon S3 bucket and are now making it all public as Fortinet has declined their ransom demands.<\/p>\n

The hacker, reportedly, has also shared the credentials to the open Amazon S3 bucket as a retaliatory step. They also called Fortinet out for not yet filing an SEC form 8-K detailing the loss from the incident, a fact Fortinet\u2019s shareholders and customers may not like.<\/p>\n

Several internet users praised Fortinet for not paying up but that may yet change as additional details about the incident and the nature of the data compromised pour in. Fortinet has suffered multiple security incidents this year, including nation-state exploitation<\/a> of critical Nday bugs.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Fortinet has confirmed a data breach that has allegedly compromised 440GB of Azure SharePoint files containing Fortinet customer data. The company, in a Thursday blog, said it suffered a security breach that has compromised a \u201climited\u201d number of customer files without involving any data encryption, deployment of ransomware, or access to Fortinet\u2019s corporate network. \u201cAn […]<\/p>\n","protected":false},"author":0,"featured_media":237,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-236","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/236"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=236"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/236\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/237"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=236"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=236"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=236"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}