Massive VPN Credential Leak Exposes 74K Fortinet Firewalls

A massive credential leak is making the rounds, and it's a bad day for Fortinet customers worldwide. Dubbed "FortiBleed," the freshly surfaced data dump contains what appears to be VPN login credentials tied to 73,932 FortiGate firewall URLs.

The scope is staggering. The exposed credentials span 194 countries, making this one of the most geographically widespread VPN credential leaks on record. Fortinet and FortiGate devices are widely deployed across enterprises and government networks, meaning the potential blast radius is enormous.

BleepingComputer's Lawrence Abrams first reported the leak. The exposed data could give attackers direct access to corporate networks if credentials haven't been rotated or if multi-factor authentication isn't in place.

Organizations running Fortinet gear should immediately audit their VPN credentials, force password resets, and verify MFA is enabled across all access points. Yesterday would have been a better time to do it.