What information was leaked?

The leak included VPN configurations and administrator credentials.

How can I check if I was affected?

Use our IP checker above to see if your IP address is part of the leaked configurations.

FortiGate Leak Checker

Enter the IP address of your FortiGate

About

The Fortinet leak, first reported on January 14, 2025, exposed VPN configurations and administrator credentials of thousands of devices. This tool helps you determine if your FortiGate-Config is part of the breach.

What Happened?

On January 14, 2025, sensitive VPN configurations and administrator credentials of Fortinet devices were leaked online by Belsen Group, a previously unheard-of entity. The leaked data was shared on a popular darknet forum, Breachforums, exposing thousands of Fortinet firewalls to potential exploitation.

This leak enables attackers to gain unauthorized access to corporate networks, potentially leading to ransomware attacks and co.

Related Resources

For more detailed information about the leak, check out these trusted sources:

How to Protect Yourself

Immediately change all passwords on Fortinet devices, especially VPN and administrator accounts.
Ensure your Fortinet firmware is updated to the latest version to patch known vulnerabilities.
Disable unused services and ports to minimize attack surfaces.
Regularly audit your network to detect and remediate any misconfigurations.
Implement strong password policies and multi-factor authentication (MFA) where possible.

These steps are crucial in preventing unauthorized access and ensuring your devices are secure against future exploitation attempts.