A significant cybersecurity breach has impacted over 30,000 Fortinet devices globally, affecting major corporations including Accenture, Comcast, and Samsung. The hacking campaign, termed FortiBleed, exploits weak security practices, primarily the failure of companies to update default passwords on their firewalls and VPNs. Cybersecurity firms Hudson Rock and SOCRadar reported that hackers are using automated tools to identify vulnerable devices, subsequently accessing them through lists of known passwords.
Research indicates that more than 73,000 unique Fortinet URLs have been compromised. Reportedly, the most severely affected regions include India, the United States, Taiwan, and Mexico, with victims spanning multiple industries such as IT services and telecommunications. Fortinet has acknowledged awareness of the ongoing issue and clarified that the current compromise is tied to previous credential-harvesting incidents.
As the situation evolves, companies are urged to enhance their security measures, including changing default passwords and monitoring for unauthorized access. Despite inquiries, many affected organizations have not publicly commented on the breach.