A group of hackers has leaked a list of login details to users of the security company Fortinet’s enterprise-oriented VPN services. The hackers came across the data last summer through vulnerabilities in Fortinet’s other services that made it possible to “scrape” information from devices. Fortinet has since fixed the vulnerabilities, but the login information is still valid.
The hackers have chosen not to charge for the information, which was published on a newly started forum. The file containing the data has been analyzed by Bleeping Computer, which found 498,908 user data with connections to 12,856 devices. They have chosen not to try any user’s data, but can confirm that all IP addresses examined belonged to Fortinet’s VPN servers. In a study of Advanced Intel it appears that IP addresses lead to users all over the world, including Sweden.
The leak is considered serious, as the data can be used to hijack devices connected to users’ VPNs. This can then be used to steal data, install malware or ransomware for blackmail. There are various suggestions as to how much of the information is still valid, but especially server administrators are advised to review login information to avoid any intrusion. However, users have been warned about the vulnerability and have repeatedly been asked to take action before the information was leaked.
Read more about security: