Fortinet, a renowned cybersecurity firm, has confirmed a data breach involving a third-party cloud service after a hacker, known by the alias “Fortibitch,” claimed to have stolen 440GB of data. This breach primarily affects a small number of Fortinet’s Asia-Pacific customers, with compromised data reportedly stored on a cloud-based shared file drive. The hacker claims to have accessed Fortinet’s Azure SharePoint server and subsequently leaked the data online.
The cybersecurity firm initially disclosed the breach on September 12, 2024, following the hacker’s announcement on a cybercrime forum. According to reports, the hacker shared credentials with an Amazon S3 bucket purportedly containing the stolen data, although Fortinet has not confirmed the specific contents of the data.
Despite this breach, Fortinet has reassured that its operations, products, and services remain unaffected, with no evidence of malicious activity targeting its customers as a result of this incident. A Fortinet spokesperson stated, “An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which included limited data related to a small number of Fortinet customers, and we have communicated directly with customers as appropriate.”
The hacker, known as “Fortibitch,” has accused Fortinet of failing to secure its cloud infrastructure, particularly following its recent acquisitions of cloud security firms like Next DLP and Lacework. The hacker also alleged that Fortinet’s CEO, Ken Xie, walked away from ransom negotiations, leading to the public release of the stolen data.
While Fortinet has downplayed the breach as involving a “limited number” of files, the claim of 440GB of data by the hacker raises concerns about the extent of the breach. The incident has not required an SEC 8-K disclosure, as Fortinet does not believe it will materially impact its financial condition or operations.
However, this breach underscores the ongoing challenges faced by cybersecurity firms in safeguarding sensitive data, especially during system migrations and integrations following acquisitions. It is the latest security challenge for Fortinet, which has previously encountered vulnerabilities exploited by hackers.
Fortinet continues to monitor the situation and has reiterated its commitment to upholding the security and integrity of its services. As the investigation progresses, stakeholders will closely observe Fortinet’s response to the breach, with implications for the company’s reputation and operations.
As cybersecurity professionals and customers monitor the developments in the aftermath of this breach, the potential for further disclosures related to the hacker’s claims and any additional impacts on Fortinet’s operations remains a focal point. The breach serves as a reminder of the importance of robust cybersecurity measures in safeguarding data and protecting against malicious threats.
In conclusion, the handling of the breach by Fortinet and the subsequent fallout from this incident will continue to be scrutinized in the cybersecurity industry, highlighting the critical importance of proactive security measures in an increasingly interconnected digital landscape.
Serbian 
English 
Albanian 
Croatian 