Summary: A significant data leak involving configuration data and VPN credentials for over 15,000 Fortinet devices has surfaced on the Dark Web, attributed to the Belsen Group. This incident follows the disclosure of a critical authentication bypass vulnerability in Fortinet’s systems, which was exploited to gather the leaked data. The breach highlights the ongoing risks associated with outdated security practices and vulnerabilities in widely used technologies.
Threat Actor: Belsen Group
Victim: Fortinet Devices | Fortinet
Key points:
- 15,474 Fortinet device configurations and VPN credentials leaked on the Dark Web.
- The data breach is linked to the exploitation of CVE-2022-40684, an authentication bypass vulnerability.
- Leaked data includes sensitive information such as IP addresses, usernames, passwords, and firewall rules.
Source: https://www.darkreading.com/endpoint-security/15k-fortinet-device-configs-leaked-dark-web