Fortinet provides update on recent security incident


US-based cybersecurity company Fortinet has disclosed details of a recent security incident involving unauthorised access to a limited number of files

US-based cybersecurity company Fortinet has disclosed details of a recent security incident involving unauthorised access to a limited number of files. According to the company, the breach affected a small fraction of its customer base, representing less than 0.3% of all customers.

The individual responsible for the unauthorised access did not engage in any malicious activity targeting customers, Fortinet has stated. The company also confirmed that its products, services, and overall operations were not impacted by the breach. Additionally, no evidence suggests that the individual gained access to other Fortinet resources.

The breach was initially reported by Bleeping Computer, citing a threat actor who claimed on a certain cybercrime forum that they had stolen 440 gigabytes of Fortinet customer files. Fortinet emphasised that the breach did not involve data encryption, the deployment of ransomware, or access to its internal corporate network. The company's response included immediate customer outreach to support risk mitigation efforts.

Shortly after the event, Fortinet noted that the scale of the incident was unlikely to have a significant financial or operational impact on the company. Following the discovery of the breach, Fortinet terminated the individual’s access and began a thorough investigation, working closely with law enforcement and global cybersecurity agencies. An external forensics firm was brought in to verify the findings of Fortinet’s internal investigation.

Moreover, Fortinet has implemented additional security measures, such as enhanced account monitoring and improved threat detection protocols, to reduce the likelihood of similar events occurring in the future. More information about Fortinet Fortinet is one of the largest cybersecurity companies in the world, selling secure networking products like firewalls, routers, and VPN devices. The company also offers SIEM, network management, consulting services and EDR/XDR solutions.

In May 2023, an individual claimed to have breached the GitHub repositories for the company Panopta, who was acquired by Fortinet in 2020, and leaked stolen data on a Russian-speaking hacking forum. Source: Link .


Sep 16, 2024 10:00
Original link