# Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world _Thursday, June 25, 2026 at 8:07 PM EDT · Cybersecurity · Latest · Tier 2 — Notable_ ![Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world — Primary](https://techcrunch.com/wp-content/uploads/2026/06/fortinet-device.jpg?resize=1200,800) Cybercriminals have compromised tens of thousands of Fortinet firewalls and VPNs used by major companies all over the world, according to cybersecurity firms Hudson Rock and SOCRadar. The widespread hacking campaign, which is ongoing and has been dubbed FortiBleed, does not appear to involve abusing any unknown vulnerability in the targeted devices. Companies may not be changing passwords to the firewall or making sure that the credentials they use for sensitive systems exposed on the internet are not already known by hackers. In the campaign, hackers first use automated tools to scan the internet for exposed Fortinet firewalls and VPNs. They then break into the devices using lists of previously known passwords. Once a device is compromised, the hackers use it as a listening post, monitoring traffic passing through and collecting any additional credentials that flow by, which are then fed back into the scanner to compromise even more devices, SOCRadar wrote in its report. Hudson Rock said it found evidence that suggests more than 73,000 unique Fortinet URLs have been hacked, while SOCRadar said the total of hacked devices is more than 30,000. The hacked companies include Accenture, Comcast, Foxconn, Lenovo, Oracle, Samsung, Siemens, and PwC, according to Hudson Rock. The countries with the most affected devices are India, the United States, Taiwan, and Mexico, though victims are located all over the world. The most affected industries are IT services, construction materials, and telecommunications, according to Hudson Rock. Government agencies are also among the victims, per SOCRadar. The group behind the hacking campaign appears to be Russian-speaking. Fortinet said it is aware of a reported third-party credential-harvesting campaign targeting Fortinet firewalls and VPN gateways. The company said based on its analysis the data involved is a resharing of data from previous incidents as well as bruteforcing of credentials and is not related to any recent incident or advisory. The reports are based on the discovery of a list of credentials for Fortinet devices and associated companies. The hacking campaign was first reported by security researcher Bob Diachenko. Independent cybersecurity researcher Kevin Beaumont said he analyzed the data and confirmed the data is legit. ## Sources - [TechCrunch](https://techcrunch.com/2026/06/17/cybercriminals-allegedly-hacked-tens-of-thousands-of-fortinet-firewalls-used-by-major-companies-all-over-the-world/) --- Canonical: https://techandbusiness.org/newswire/X0O85GNlLhBSz1ObTi4Gzn Retrieved: 2026-06-26T04:05:09.415Z Publisher: Tech & Business (techandbusiness.org)