- Popular cybersecurity firm Fortinet has been hit by a cyber attack. 440 GB of data has been stolen.
- The attack was carried out by a hacker group named “Fortibitch”. The group tried to extort a ransom from the company and posted the data on a hacking forum when it failed.
- According to the company, less than 0.3% of its customers have been affected and there’s no material impact on business.
Fortinet, the cybersecurity giant, has confirmed that it has suffered a data breach.
The hacker group, which goes by the name “Fortibitch,” tried to extort a ransom from the company but, upon their refusal, published the data online.
What Does Fortinet Have to Say About This?
“An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which included limited data related to a small number of Fortinet customers.” – Fortinet in a statement
Initially, the company refused to divulge how many customers have been affected or what kind of data was stolen. However, later, through an update on its site, it revealed that less than 0.3% of its customers have been affected.
There’s no sign of targeted malicious activity towards them as of now, which is good. All impacted customers (which mostly includes customers from the Asia-Pacific region) have been notified about the incident.
Also, since the number of customers affected was quite small, there’s no material impact on the company’s finances or operation.
The company contacted the law enforcement agency immediately after the attack was discovered – the investigation is still underway. An external forensics team was also hired, in addition to Fortinet’s in-house forensic team, to ensure an incident like this never happens again.
About the Company
Fortinet is the third-largest cybersecurity firm in the US with a total valuation of $60 billion. Based in California, it’s known for providing firewalls and endpoint security to companies around the world.
This has been a difficult year for Fortinet so far. Prior to this incident, it faced three other small security lapses.
- The first one was in January, when two critical flaws were discovered in its FortiOS and FortiProxy HA cluster codes. The company patched them, but there’s no way to be sure if there was any exploitation before the patch.
- There were two more critical flaws and an issue with Fortinet’s operating system in February. Customers were slow to apply the fixes, as a result of which more than 100,000 devices were exposed online. During this time, China’s Volt Typhoon hacking group also began targeting Fortinet devices.
- Lastly, in June, Chinese hackers breached the Netherlands Ministry of Defense’s security using an unknown flaw. This flaw remained undetected for two months. At that time, around 20,000 additional FortiGate firewalls were compromised before the company finally became aware of the attacks.
Our Editorial Process
Our Editorial Process
Share 
Krishi Chowdhary Journalist 
Question & Answers (0)