Cybersecurity firm Fortinet has admitted that someone gained unauthorised access to a limited number of files stored on its instance of a third-party cloud-based shared file drive which included customer data. The company terminated the unauthorised access and is working with law enforcement and cybersecurity experts on an investigation.
Fortinet’s statement tries hard to downplay the number of files lost, claiming the breach “included limited data related to a small number” of its customers, 0.3 per cent to be exact. It also added that there’s no indication of the leaked data being misused so far, its operations, services, and products haven’t been affected, and the incident did not involve “any data encryption, deployment of ransomware, or access to Fortinet’s corporate network.”
However, The Register reports that someone named “Fortibitch” offered nearly 440GB worth of Azuer SharePoint files for download on an underground hacking forum on September 12. The files allegedly contain Fortinet customer data stolen from an open Amazon S3 bucket. The individual also claimed to have asked Fortinet for a ransom before leaking the data but was denied the pleasure.
2024 has not been kind to Fortinet, especially considering it’s in the security business. The company has suffered three major setbacks in January, February, and June of 2024 alone. These mostly included patching previously unknown critical flaws in its products, and not knowing whether or not the vulnerable devices had been exploited or not.
Fortibitch also pointed out that the company hadn’t filed a K-8 form to the SEC detailing the loss, an act that would alert shareholders and customers. However, given the fact that Fortinet hasn’t experienced, or believes that “the incident is reasonably likely to have, a material impact to our financial condition or operating results”, frees it from filing the form.
In the News: US Treasury sanctions Cambodian senator for role in online scams