Cybersecurity firm Fortinet has confirmed that user data was stolen from its Microsoft SharePoint server and posted on a hacking forum earlier today, according to a report by BleepingComputer.
The threat actor, known as “Fortibitch,” shared credentials to what is claimed to be an S3 bucket (an online file storage system), with a total of 440GB available for download.
Despite an extortion attempt, Fortinet refused to comply with the demands. The company has already notified affected users, though it has not specified the exact data that was stolen.
In a statement, Fortinet clarified: “An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which included limited data related to a small number of Fortinet customers.”
Fortinet has emphasized its commitment to protecting customers and maintaining the integrity of its business operations. The company confirmed that the unauthorized access affected less than 0.3% of its customer base.
“To be clear: To date, there is no indication that this incident has resulted in malicious activity affecting any customers,” Fortinet said.
The security giant Fortinet reassured stakeholders that its operations, products, and services remain unaffected, with no evidence of further access to other resources within its network. The incident did not involve data encryption, ransomware deployment, or access to Fortinet’s corporate network.
Following the breach, the company took immediate action to safeguard affected customers, providing direct communication and support for risk mitigation. The company also stated that the incident is not expected to have a material impact on its financial condition or operating results. Fortinet promptly launched an investigation, terminated the unauthorized access, and notified law enforcement and global cybersecurity agencies. A leading external forensics firm was brought in to validate the findings of Fortinet’s internal investigation. To prevent similar incidents, Fortinet has strengthened its internal processes, including enhanced account monitoring and threat detection measures.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.