Threat Actor Claims Fortinet Data Breach via Third-Party Service

A threat actor claimed unauthorized access to a third-party cloud-based file-sharing service used by Fortinet. The incident reportedly affected several Fortinet customers in the Asia-Pacific region.

“An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which included limited data related to a small number of Fortinet customers, and we have communicated directly with customers as appropriate,” Fortinet spokesperson said to Cyber Daily.

The company stated that there is currently no indication that the incident has resulted in any malicious activity impacting customers and that Fortinet’s operations, products, and services remain unaffected.

Decoding Compliance: What CISOs Need to Know – Join Free Webinar

Fortinet is the third-largest cybersecurity firm with a valuation of $60 billion, known for providing endpoint security, firewalls, and other solutions to organizations worldwide, including critical infrastructure in Australia. The company has invested heavily in the Australian federal and defense market.

Interestingly, the threat actor on a hacking forum has claimed to have leaked 440 GB of data from Fortinet’s Azure SharePoint. However, it remains to be verified if this claim is connected to the confirmed third-party data breach incident.

HackManac states, “the post from the threat actor on the hacking forum is connected remains to be verified.”

As the story develops, it remains unclear whether any data about the government agencies or critical infrastructure was compromised, and the identity of the threat actor behind the breach is currently unknown.

Fortinet and relevant authorities are likely to provide updates as more information comes to light.

Simulating Cyberattack Scenarios With All-in-One Cybersecurity Platform – Watch Free Webinar