On Thursday, Fortinet, a major player in cybersecurity, revealed a data breach impacting some of its customers. In an online statement, the company confirmed that a hacker had gained access to “a limited number of files” on a shared third-party cloud drive used by Fortinet, which contained data from “less than 0.3%” of its customer base. Fortinet clarified that the breach did not involve data encryption, ransomware, or a compromise of its corporate network. Capital Brief initially broke the story.
Given Fortinet’s latest full-year earnings, which indicate it serves over half a million customers, the breach could potentially affect at least 1,500 corporate clients.
Bleeping Computer reported that a threat actor on a known cybercrime forum claimed to have stolen 440 gigabytes of Fortinet customer data, a listing also reviewed by TechCrunch. Fortinet's spokesperson, Stephanie Lira, declined to comment or provide details but did not challenge the reported number of affected customers.