Fortinet Hit by Data Breach: Hacker Steals 440GB of Sensitive Files
Fortinet, a global cybersecurity leader, has confirmed a significant data breach following claims by a hacker who alleged the theft of 440GB of files from the company's Microsoft SharePoint server. The breach was disclosed after the threat actor, known as “Fortibitch,” posted details of the stolen data on a hacking forum.
- Nature of the Breach: The breach reportedly involved unauthorized access to Fortinet’s Azure SharePoint instance, from which 440GB of files were stolen. The attacker shared credentials to an S3 bucket where the stolen data was stored, making it available to other cybercriminals.
- Failed Ransom Demand: The hacker claimed to have attempted to extort Fortinet into paying a ransom to prevent the data from being leaked, but Fortinet refused the demand. There has been no indication that Fortinet paid or negotiated with the attacker.
- Customer Data Impacted: Fortinet confirmed that the incident involved customer data stored on a third-party cloud-based shared file drive. While the company has not disclosed the specific nature of the data stolen, it stated that less than 0.3% of its customer base was affected.
- No Malicious Activity Detected: Fortinet reassured customers that the breach has not resulted in any malicious activity targeting customers, and there was no involvement of ransomware or data encryption. Additionally, the company's corporate network was not breached during the attack.
- Previous Incident: This breach comes months after another incident in May 2023, when a threat actor claimed to have breached the GitHub repositories of Panopta, a company acquired by Fortinet in 2020, and leaked stolen data on a Russian-speaking hacking forum.
In light of this breach, Net Protector Cyber Security advises businesses to take the following actions to secure their own systems and data:
- Use Endpoint Security Solutions: Deploy NPAV Endpoint Security to protect your systems from data breaches, unauthorized access, and malware attacks.
- Review Cloud Security: Ensure that cloud-based services such as SharePoint are properly secured with multi-factor authentication (MFA) and regular security audits.
- Monitor and Detect Threats: Implement Network Intrusion Detection Systems (NIDS) and Intrusion Prevention Systems (IPS) to monitor for suspicious activities and protect against unauthorized access.
- Perform Data Encryption: Encrypt sensitive data both in transit and at rest to minimize the risk of exposure in the event of a breach.
- Update Incident Response Plans: Regularly update your incident response and disaster recovery plans to quickly mitigate any damage caused by breaches.
- Educate Employees: Conduct ongoing cybersecurity training so that employees recognize phishing attempts and credential theft schemes and follow data handling protocols.
Net Protector Cyber Security continues to monitor the ongoing Fortinet breach for new developments and recommends that businesses remain vigilant in their cybersecurity practices.