Fortinet Confirms Data Breach After Hacker Claims to Steal 440GB of Files

Fortinet, one of the world’s leading cybersecurity firms, has confirmed a data breach in which a hacker claimed to have stolen 440GB of files from the company’s Microsoft SharePoint server. The threat actor, known by the alias “Fortibitch,” initially announced the breach on a hacking forum, sharing credentials to an Amazon S3 bucket where the stolen data was allegedly stored. The hacker also claimed to have tried to extort Fortinet into paying a ransom to prevent the data from being leaked, but the company refused to comply​(BleepingComputer)​(SecurityWeek).

Fortinet responded by confirming that an individual gained unauthorized access to a limited number of files stored on a third-party cloud-based shared file drive. The company emphasized that this breach impacted less than 0.3% of its customer base and stated that there is no evidence of malicious activity targeting customers. Furthermore, Fortinet clarified that the incident did not involve data encryption, ransomware deployment, or access to the company’s corporate network. The company has been working with external forensics experts to investigate and validate its findings, and has implemented additional internal processes to prevent similar incidents in the future​(BleepingComputer)​(SecurityWeek).

The incident raises concerns about the security of cloud-based storage systems, even for companies specializing in cybersecurity. Fortinet’s quick response and transparency about the breach are steps toward mitigating potential damage and rebuilding trust with their customer base​(TechWorm).