iThome – Fortinet, a leading cybersecurity firm, has confirmed that it has been the victim of a hacking incident. According to Hackread, a hacker known as Fortibitch claimed to have infiltrated Fortinet’s Azure SharePoint instance and accessed 440GB of data. The incident was promptly acknowledged by Fortinet, which stated that the affected shared cloud drive contained data from less than 0.3% of its customers.
Hacker’s Actions and Fortinet’s Response
On Thursday (September 12), Fortibitch announced on the Breach Forum hacker forum that they had successfully breached Fortinet’s Azure SharePoint account and obtained 440GB of data. Fortinet confirmed the incident within 24 hours, emphasizing that the compromised shared cloud drive contained data from a limited number of customers.
Fortinet’s official statement revealed that an individual unauthorizedly accessed a limited number of files stored on a third-party cloud shared drive. The company clarified that there have been no malicious activities impacting customers to date, and its products and services have remained unaffected. Additionally, Fortinet stated that the hacker was unable to access any other resources, and no ransomware was planted on its corporate network.
Collaboration with Customers and Internal Measures
Fortinet has been actively collaborating with affected customers and providing support for their risk mitigation plans. The company has also launched an investigation to terminate unauthorized access and control the situation. Fortinet has implemented additional internal processes to prevent such incidents from recurring, including strengthening account monitoring and threat detection.
Third-Party Cloud Service and Ransomware Attempt
While Fortinet did not reveal the specifics of the compromised third-party cloud service, Hackread reported that Fortibitch claimed to have infiltrated Fortinet’s Azure SharePoint instance and transferred the obtained data to their own Amazon S3 storage. Fortibitch also attempted to extort Fortinet, but according to Fortibitch’s posts, Fortinet’s CEO Ken Xie refused to pay the ransom. Xie stated that he would rather eat feces than pay a ransom.
Fortinet’s Denial of CEO’s Comments
Regarding the hacker’s description of CEO Ken Xie’s response, Fortinet denied that these were the CEO’s words. Fortinet clarified that the comments attributed to Xie were not his official statements.
Impact on Taiwanese Customers
In response to inquiries about the impact on Taiwanese customers, Fortinet confirmed that the incident had no effect on its customers in Taiwan. The company’s products, services, and operations in Taiwan continue to operate normally, and customers can rest assured that Fortinet has taken all necessary measures to ensure their network and information security.
Conclusion
The hacking incident at Fortinet serves as a reminder of the ongoing threat of cyberattacks on even the most sophisticated cybersecurity firms. Fortinet’s swift response and proactive measures to mitigate the impact of the breach demonstrate its commitment to protecting its customers and maintaining the integrity of its network. As cybersecurity threats continue to evolve, it is crucial for companies to remain vigilant and implement robust security measures to safeguard their data and operations.
Views: 0