September 13, 2024 at 05:03AM
Fortinet confirmed a data breach after a hacker leaked 440 Gb of data allegedly obtained from an Azure Sharepoint instance. The hacker, named ‘Fortibitch,’ released information on accessing an AWS S3 bucket storing the data. However, Fortinet clarified that less than 0.3% of customer data was compromised, and no evidence indicated malicious activity or a material impact on its operations.
Based on the meeting notes, the key takeaways are:
1. Fortinet has confirmed a data breach impacting some of its customers after a hacker leaked files alleged to belong to the company.
2. The hacker, known as ‘Fortibitch’, announced the breach and claimed that 440 GB of data came from an Azure SharePoint instance.
3. The hacker made the data available after Fortinet refused to pay a ransom, and shared information for accessing an AWS S3 bucket allegedly storing the data.
4. Fortinet issued a security incident notice, confirming unauthorized access to a limited number of files stored on a third-party cloud-based shared file drive.
5. The compromised data includes limited information related to less than 0.3% of Fortinet’s customers.
6. It is confirmed that the incident did not involve data encryption, ransomware deployment, or access to the company’s corporate network.
7. There is no indication that the incident has resulted in malicious activity affecting any customers, and Fortinet believes the incident is not reasonably likely to have a material impact on its financial condition or operating results.
8. Fortinet has notified law enforcement and some cybersecurity agencies about the breach.
These are the key takeaways from the meeting notes.