A threat actor has emerged, claiming to offer unauthorized access to the Fortinet accesses of many companies. This threat actor is providing information regarding the sale based on the valuations of these companies without providing information about the sectors. From the samples presented, it’s evident that although the majority of compromised entities are small-scale enterprises, the threat actor asserts accessibility to the networks of larger corporations as well.
Regions spanning Malaysia, Chile, France, Kuwait, India, Mexico, Tunisia, Pakistan, Morocco, and the Philippines, including multiple accesses, are among the compromised entities. Additionally, accesses from the United States are also available for sale.
It’s imperative for businesses to act swiftly, assess vulnerabilities, and reinforce cybersecurity measures to mitigate the risks of unauthorized access and potential data breaches.
Other Fortinet Data Leak
- https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/
- https://www.cpomagazine.com/cyber-security/data-leak-exposes-50000-fortinet-vpn-credentials-on-popular-underground-hacker-forums-and-chats/
Source: Original Post