TECHNOLOGY

United States warns of massive Fortinet credential breach

▪

Read, Watch or Listen

Media Bias Meter

Sources: 2

Center 100%

Sources: 2

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory after researchers uncovered a large-scale credential theft campaign targeting Fortinet firewalls and VPN appliances, dubbed "FortiBleed." According to data from cybersecurity firm SOCRadar, administrative credentials for at least 86,644 internet-facing Fortinet devices have been compromised worldwide, impacting roughly half of all accessible units. Attackers are using automated tools to spray known username and password combinations, then monitoring network traffic to harvest further credentials and move into internal Active Directory environments. Telecom, government and education sectors are among the hardest hit, with the United States heavily affected. CISA urges immediate credential rotation, renaming of default accounts and rigorous traffic auditing.

Prepared by Jonathan Pierce and reviewed by editorial team.

Timeline of Events

Earlier this year, Fortinet devices heavily scanned
Recent weeks, bespoke credential spraying tool deployed
Recent weeks, over 86,000 Fortinet devices compromised
Recent weeks, attackers pivot into Active Directory
Recently, SOCRadar confirms large-scale credential theft
Today, CISA issues urgent FortiBleed advisory
Today, organizations urged to rotate credentials
Today, telecom, government, education sectors highlighted

Why This Matters to You

Your online safety is at risk. The FortiBleed breach affects thousands of internet-facing devices. If you use Fortinet firewalls or VPNs, your credentials may be compromised. Especially if you're in telecom, government, or education sectors. Check your devices, change your passwords.

The Bottom Line

This is a massive, global cyber attack. It's not just about one company's products. It's about how we protect our digital lives. CISA's urgent advisory means act now: rotate credentials, rename default accounts, audit your traffic. Worth forwarding if you know someone using Fortinet.