Customer data leak at IT security solutions provider Fortinet
Unknown attackers were able to access personal data of Fortinet customers via a third-party cloud instance.
(Image: Black_Kira/Shutterstock.com)
There has been a security incident at the provider of IT security solutions Fortinet and customer data has been leaked.
In a hacker forum, a user with the pseudonym "Fortibitch" offered 440 GB of data for sale, report security researchers from Cloudsek in a post. Negotiations with Fortinet are said to have failed, meaning that the unknown attackers have now leaked the data.
Authenticity unknown
It is not yet clear whether the data is genuine. In a statement, Fortinet confirms an attack, but does not specify which and how much data is involved. They state that 0.3 percent of their customers have been affected. According to the security researchers, the leaked documents contain not only customer data but also internal information such as marketing documents and sales figures.
Fortinet assures that they currently have no indications that the data has been misused. Furthermore, Fortinet services were not affected by the attack and no ransomware is said to be involved in the incident.
Those responsible state that the data copied by the attackers was stored in a third-party cloud storage facility. Fortinet is not currently explaining how the attackers were able to gain access to this data.
(des)
