On Thursday, cybersecurity leader Fortinet announced a data breach involving customer information. The breach, which was disclosed in a statement posted online, revealed that an unauthorized individual accessed a limited number of files stored on a third-party shared cloud drive used by Fortinet. According to the company, the breach affected data from less than 0.3% of its customers. Notably, the incident did not involve data encryption, ransomware deployment, or access to Fortinet’s internal corporate network.
Fortinet, which reports having well over half a million customers based on its most recent full-year earnings, indicated that the breach could potentially impact at least 1,500 corporate clients. The breach came to light through a report by Bleeping Computer, which cited a threat actor claiming to have stolen 440 gigabytes of Fortinet customer files.
Despite the severity of the breach, Fortinet’s statement emphasized that no ransomware or encryption tactics were used and that the corporate network remained secure. The company has not yet provided additional details or responded to inquiries about the breach’s full scope and impact.
The breach highlights the ongoing challenges faced by cybersecurity firms in protecting sensitive customer data from unauthorized access. As investigations continue, Fortinet is expected to provide further updates and work on mitigating any potential risks associated with this incident.
