Fortinet Confirms Data Breach: Hacker Steals 440 GB

Fortinet, a giant in the cybersecurity sphere, has confirmed a data breach following claims by a hacker of stealing 440 GB of files from the company’s Microsoft SharePoint server.

Fortinet is one of the largest companies in the field of cybersecurity, specializing in the sale of secure networking products, such as firewalls, routers, and VPN devices. Additionally, the company offers SIEM solutions, network management, EDR/XDR services, and consulting.

The incident occurred when an unidentified hacker posted on a cybercriminal forum, announcing the theft of 440 GB of data from Fortinet’s Azure SharePoint. The hacker also shared credentials for accessing an alleged S3 storage repository where the stolen files are supposedly stored.

The perpetrator, known by the alias “Fortibitch,” claims to have attempted to extort a ransom from Fortinet, likely to prevent the release of the data. However, the company declined to pay.

In response to inquiries regarding the incident, Fortinet confirmed the theft of client data from “a third-party cloud file storage.” A company spokesperson stated: “An unauthorized individual gained access to a limited number of files stored in a Fortinet third-party cloud repository, which contained restricted data related to a small number of Fortinet customers.”

Later, an update appeared on Fortinet’s website, noting that the incident affected less than 0.3% of the company’s customer base and did not result in any malicious activity directed at clients. The company also confirmed that the breach did not involve data encryption, ransomware deployment, or access to Fortinet’s corporate network.