The company refused to pay the ransom for the stolen files.
Fortinet, a cybersecurity giant, has confirmed a data breach after a hacker claimed to have stolen 440 GB of files from the company's Microsoft Sharepoint server.
Fortinet is one of the largest cybersecurity companies specializing in the sale of secure network products such as firewalls, routers, and VPN devices. In addition, the company provides SIEM, network management, and EDR/XDR solutions, as well as consulting services.
The incident occurred when an unknown attacker posted information on a hacker forum about the theft of 440 GB of data from Azure Sharepoint Fortinet. The hacker also shared credentials to access the supposed S3 vault where the stolen files are allegedly stored.
The threat actor, known by the alias "Fortibitch," claims to have tried to blackmail Fortinet for ransom, likely to prevent the data from being published. However, the company refused to pay.
In response to inquiries about the incident, Fortinet confirmed the theft of customer data from a "third-party cloud file storage." A spokesperson for the company stated, "An unknown person gained unauthorized access to a limited number of files stored in Fortinet's third-party cloud storage, which included limited data associated with a small number of Fortinet customers."
Later, an update appeared on Fortinet's website, revealing that the incident affected less than 0.3% of the company's customer base and did not result in any malicious activity directed against customers. The company also confirmed that the incident did not involve data encryption, ransomware use, or access to Fortinet's corporate network.
Source
Fortinet, a cybersecurity giant, has confirmed a data breach after a hacker claimed to have stolen 440 GB of files from the company's Microsoft Sharepoint server.
Fortinet is one of the largest cybersecurity companies specializing in the sale of secure network products such as firewalls, routers, and VPN devices. In addition, the company provides SIEM, network management, and EDR/XDR solutions, as well as consulting services.
The incident occurred when an unknown attacker posted information on a hacker forum about the theft of 440 GB of data from Azure Sharepoint Fortinet. The hacker also shared credentials to access the supposed S3 vault where the stolen files are allegedly stored.
The threat actor, known by the alias "Fortibitch," claims to have tried to blackmail Fortinet for ransom, likely to prevent the data from being published. However, the company refused to pay.
In response to inquiries about the incident, Fortinet confirmed the theft of customer data from a "third-party cloud file storage." A spokesperson for the company stated, "An unknown person gained unauthorized access to a limited number of files stored in Fortinet's third-party cloud storage, which included limited data associated with a small number of Fortinet customers."
Later, an update appeared on Fortinet's website, revealing that the incident affected less than 0.3% of the company's customer base and did not result in any malicious activity directed against customers. The company also confirmed that the incident did not involve data encryption, ransomware use, or access to Fortinet's corporate network.
Source
