Fortinet has confirmed a data breach after a malicious party published a 440 GB data package on an Internet black market, claiming to have stolen it from the organization’s Microsoft SharePoint server. The affected company is one of the largest players in the security market, selling network products, a wide portfolio of firewalls, routers and VPN devices, SIEM, network management and EDR/XDR solutions, as well as consulting services.
According to the threat actor, who calls himself “Fortibitch”, he tried to get the victim to pay a ransom to avoid publication of the data, but the company did not comply with the request, so he released the access details for the storage location where the stolen package is kept, so that in principle anyone can download it.
Fortinet did confirm that customer data was stolen from “a cloud-based shared drive of an external provider”, so presumably from the SharePoint instance running in Azure, but tried to play down the severity of the situation. According to the company’s official communication, an individual gained unauthorized access to a limited number of files stored on the drive, but the incident affected less than 0.3 percent of the customer base. Based on the investigations so far, there has been no misuse of the acquired data.
According to the cyber security company, the incident did not involve any data encryption and no extortion took place; for now, a joint investigation with law enforcement authorities and an external security party is ongoing. According to Fortinet, the incident will not have a significant impact on its financial position or operating results.
A more serious consequence in the long term could be the tarnishing of the company’s reputation, as this is not the first time that an organization active in the security market has been involved in a security incident. Not so long ago, in February of this year, it became public that Chinese actors exploited a vulnerability hidden in the Fortinet firewall to break into a Dutch military network.
Source: www.hwsw.hu