Fortinet Confirms Customer Data Breach via Third Party
The incident is a reminder why organizations need to pay attention to how they store and secure data in SaaS and cloud environments.
Discover the latest Fortinet cybersecurity insights, updates, and solutions. Protect your information with cutting-edge Fortinet security news and trends.
Search across headline titles and summaries.
Background for this topic.
Fortinet is a cybersecurity vendor best known for FortiGate, a network firewall platform running FortiOS. FortiGate appliances, virtual machines, and cloud deployments provide traffic filtering, VPN access, intrusion prevention, and network segmentation; related products manage devices, collect security telemetry, or protect endpoints. FortiGuard Labs supplies threat intelligence and detection updates used across parts of this ecosystem.
Fortinet matters to security teams because its devices commonly sit at network boundaries and may expose administrative interfaces or SSL-VPN services to the internet. Vulnerabilities in FortiOS or supporting products can therefore create a path to authentication bypass, unauthorized access, or interception of remote connections when affected configurations are present. Practitioners should track Fortinet advisories, promptly apply firmware and signature updates, restrict management access, use multifactor authentication where supported, and monitor device logs and configuration changes. During an incident, preserve firewall and VPN telemetry and review connected systems rather than treating the appliance as an isolated asset.
The incident is a reminder why organizations need to pay attention to how they store and secure data in SaaS and cloud environments.
That would explain this 440GB leak, then Fortinet has admitted that bad actors accessed cloud-hosted data about its customers, but insisted it was a "limited number" of files. The question is: how limited is "limited"?…
Also: Critical WHOIS Vulnerability Exposes Internet Security Flaw in .mobi DomainsThis week, cyberthreats rising in Mexico; FBI warned of BEC scams; U.K. police arrested hacking suspect; Avis, Slim CD, Medicare and Fortinet disclosed breaches; Highline public schools reopened after cyberattack; a critical flaw was found in WHOIS; and Konni upped attacks on Russia, South Korea.
Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server. [...]