Cybersecurity experts have issued an alert following reports that hackers accessed login credentials belonging to UK government officials and Foreign Office staff. The credentials, reportedly being sold on the dark web, were exposed as part of the ongoing FortiBleed attack campaign, according to a recent report by IT Pro.The FortiBleed campaign targets internet-facing Fortinet VPNs and firewalls, with over 70,000 devices in 194 countries believed to be affected. Analysis by SOCRadar identified a database containing login credentials, attributed to the Lynx/INC ransomware group. While initially thought to be basic usernames and passwords, reports suggest some exposed details include privileged Fortinet credentials. These could grant attackers access to core government networks, including the Foreign Office, NHS trusts, energy companies, and local councils. Some Foreign Office credentials are being sold for up to £40,000 on the dark web.Security researchers warn this sophisticated credential harvesting operation, using automated tools at high speed and volume, exponentially increases the risk to all organizations, not just government entities. Fortinet has stated the exposed data is likely a reshare from previous incidents or brute-forced credentials, not a result of a new breach.Source: IT Pro
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds





