A newly discovered leak dubbed FortiBleed has exposed what appears to be valid Fortinet and FortiGate VPN credentials for 73,932 firewall URLs across organizations worldwide. Researchers say the data may come from exported Fortinet configurations and includes usernames, email addresses, passwords, and details tied to major companies and government entities. #FortiBleed #Fortinet #FortiGate #BobDiachenko #HudsonRock #KevinBeaumont
Keypoints
- FortiBleed exposed credentials for tens of thousands of Fortinet and FortiGate devices worldwide.
- Bob Diachenko discovered a server containing usernames, email addresses, and plaintext passwords.
- The dataset includes major organizations such as Chevron, Samsung, Foxconn, Comcast, AT&T, and Toyota.
- Researchers believe the data came from exported Fortinet configurations and may be recent and authentic.
- Organizations are advised to rotate passwords, enforce MFA, review logs, and monitor exposed credentials.