Cybersecurity firm Fortinet has confirmed that user data has been taken from its Microsoft Sharepoint server and was posted to a hacking forum early this morning, as BleepingComputer reports.
The threat actor, “Fortib**ch,” shared the credentials to an alleged S3 bucket (a digital box to store files online) for others to download, claiming the total is 440GB.
Although the threat actor tried to extort Fortinet, the cybersecurity company refused to pay. The cybersecurity company has already communicated with affected users regardin,g the issue but has not confirmed the specific data the threat actor took.
In response to questions by BleepingComputer, the cybersecurity company said: “An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which included limited data related to a small number of Fortinet customers.”
For now, the company has not confirmed how many users are affected, but said it did affect those located in the Asia-Pacific region. The incident has not impacted operations at the company, and services are still running smoothly.
Hopefully, the information about how many were affected will be released soon. Unfortunately, this isn’t the only time Fortinet has had a similar incident, as Chinese hackers allegedly breached 20,000 protected systems worldwide over a few months between 2022 and 2023 to inject malware into a weak network.
The Sunnyvale, California-based company sells secure networking products like VPN services, routers, and firewalls. It is valued at nearly $60 billion and is one of the most prominent players in the cybersecurity industry.
This incident is just one of many data breaches recently reported. Earlier this week, 1.7 million users’ credit card info was stolen from payment gateway provider Slim CD.
