Cybercriminal Gang Just Leaked 500,000 Fortinet VPN Users’ Passwords


Photo: KIRILL KUDRYAVTSEV/AFP (Getty Images)

A hacker gang has allegedly collected and dumped a large trove of roughly 500,000 login credentials belonging to users of a popular VPN product from cybersecurity company Fortinet.

The threat actor, who goes by the moniker "Orange," apparently leaked the trove of usernames and passwords on a dark web forum on Tuesday, Bleeping Computer has reported. While cybercriminals will usually try to sell such data or use it for their own nefarious purposes, Orange apparently posted the large haul of data for free.

The accounts are believed to have been compromised by way of a previously discovered vulnerability in the product. In April, federal agencies warned of a number of security flaws in Fortinet's VPN that could allow hackers access. The company has since issued patches for these security flaws, although that apparently didn't stop droves of users from having their account data compromised.

According to analysis from security firm Advanced Intel, Orange is believed to be a member of the ransomware gang "Groove." They are also reputed to have previously worked for Babuk, a prominent ransomware gang that tried to extort the Washington D.C. Metropolitan Police Department for hundreds of thousands of dollars earlier this year.

Groove recently launched a new cybercrime forum called RAMP, and researchers have theorized that the gang may have leaked the VPN accounts as a way of drawing attention to their new business venture.

Virtual private networks, meant to protect a user's confidential data and web activity, can become a privacy nightmare if somebody compromises them. In this case, access to Fortinet VPN accounts would likely allow cybercriminals to infiltrate networks, steal data, or worse. Unfortunately, the threat actor responsible for the leak has claimed that many of the credentials are still valid.

The credentials are reportedly tied to 498,908 users and 12,856 devices, which are sourced from as many as 74 different countries. The largest share of credentials comes from India, although Italy, France, and Israel also have sizable shares.

Fortinet, which sells numerous security products, hasn't yet commented on the leak. We reached out to the company for comment and will update this story if they respond.

https://gizmodo.com/cybercriminal-gang-just-leaked-500-000-fortinet-vpn-use-1847639308