The Fortinet VPN service leaks 500,000 accounts

A group of hackers has leaked a list of login details to users of the security company Fortinet’s corporate VPN service. The hackers came across the data last summer through vulnerabilities in Fortinet’s other services that made it possible to “scrape” information from devices. Fortinet has since fixed the vulnerabilities, but the login information is still valid.

The hackers have chosen not to charge for the information, which was published on a newly started forum. The file containing the data has been analyzed by Bleeping Computer, which found 498,908 user data with connections to 12,856 devices. They have chosen not to try any user’s data, but can confirm that all IP addresses examined belonged to Fortinet’s VPN servers. In a study of Advanced Intel it appears that IP addresses lead to users all over the world, including Sweden.


The leak is considered serious, as the data can be used to hijack devices connected to users’ VPNs. This can then be used to steal data, install malware or ransomware for blackmail. There are various suggestions as to how much of the information is still valid, but especially server administrators are advised to review login information to avoid any intrusion. However, users have been warned about the vulnerability and have repeatedly been asked to take action before the information was leaked.

Read more about security:

Source: SweClockers by

*The article has been translated based on the content of SweClockers by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!