Fortinet confirms unauthorized access to customer data of APAC region

Fortinet, a California-based cybersecurity firm and the third-largest in the world with a valuation of approximately $60 billion, has reported a data breach affecting its customers in the Asia-Pacific region.

The breach involved unauthorized access to a third-party cloud-based shared file drive used by Fortinet. A hacker, known as "Fortibitch," who alleged to have stolen 440GB of files from the company's Microsoft Azure SharePoint server. The breach рeportedly occurred last month, but the exact date is not specified. It was discovered by the Australian Department of Home Affairs.

The threat actor claims the data is stored in an S3 bucket and has shared credentials for other hackers to access and download the data. Fortinet’s operations, products, and services have not been impacted.

Fortinet claims that exposed data is limited data related to a small number of Fortinet Asia-Pacific customers. The specific details of the exposed data have not been disclosed. Fortinet has communicated directly with affected customers and is monitoring the situation.

The nature of the breach, including the identity of the threat actor and whether any data related to the Australian federal government or critical infrastructure was compromised, remains unknown.

Update - Fortinet claims that the attack is impacting less than 0.3% of its more than 775,000 customers worldwide, which would place the number of affected organizations at around 2,325.