Major cybersecurity firm Fortinet has disclosed having information from fewer than 0.3% of its customers compromised following a cyberattack against its Microsoft Azure SharePoint server by the threat actor Fortibitch, which claimed to have stolen and exposed 440 GB of data, reports Hackread.
Additional details regarding the extent of the stolen information, which has been made available on an Amazon S3 bucket, were lacking but Fortibitch stressed the compromise of the cybersecurity solutions provider's cloud infrastructure while claiming the refusal of CEO Ken Xie to engage in ransom negotiations. Despite Fortibitch's claims of significant compromise, Fortinet emphasized the limited impact of the incident, which has not affected its products, services, and operations.
Such an incident comes more than a year after attacks exploiting a zero-day in Fortinet's FortiOS were conducted by Chinese threat actors. Another FortiOS vulnerability had also been leveraged to target numerous organizations.