    110 Million Passwords Stolen: What the FortiBleed Attack Means for You

    A Russian hacking group has stolen 110 million credentials since February. Here's how to check if yours are compromised and what to do next.

    Source

    GetCyberRight Intelligence

    Original headline: 110M Credentials Stolen in FortiBleed Campaign

    Plain-English summary by GetCyberRight. Read the full report at the source above.

    Published Tuesday, June 23, 2026

    What Happened

    Since February 2026, a Russian threat actor has stolen over 110 million login credentials by exploiting a security flaw nicknamed "FortiBleed." This massive four-month campaign targeted companies using Fortinet security equipment. If you work for a small business or have reused your work email password anywhere else, your accounts may be at serious risk right now.

    The Details

    Fortinet makes firewalls and security devices that thousands of small businesses rely on to protect their networks. The FortiBleed vulnerability created a gap in these defenses that allowed hackers to intercept usernames and passwords as employees logged into work systems. Think of it like someone installing a hidden camera pointed at your office door, recording everyone's key codes for four months straight.

    The attackers used custom software designed specifically to capture and collect these credentials automatically. They weren't just grabbing a few passwords here and there. This was an industrial-scale operation running continuously since February, harvesting millions of login details every week.

    Here's where it gets personal: stolen work credentials don't stay at work. Cybercriminals sell these password lists to other hackers, who then try them on banking sites, email accounts, social media, and shopping platforms. If you used your work email password for your personal Amazon account or online banking, criminals now have a key to try.

    Who Is Affected

    Small business employees are the primary targets here. If your company uses Fortinet equipment (your IT person would know), your work login credentials may have been captured. This includes your email address and password, and possibly your username for internal systems.

    But the ripple effect extends far beyond the workplace. Anyone who reuses passwords across multiple sites is vulnerable. Your spouse's work credentials could give criminals access to your joint bank account. Your adult children working at affected companies could see their personal email and social media accounts compromised.

    What You Should Do Right Now

    1. Check if your email appears in this breach using GetCyberRight's Breach Monitor tool at getcyberright.com/breach-dashboard. Enter your work and personal email addresses.

    2. Change your work password immediately, even if you're unsure whether your company uses Fortinet. Contact your IT department and ask them directly about FortiBleed.

    3. Replace any personal account passwords that match your work password. Start with banking, email, healthcare portals, and social media. Make each password unique.

    4. Turn on two-factor authentication (the feature that texts you a code when you log in) for every account that offers it, especially email and banking.

    5. Tell your family members who work at small businesses to take these same steps. Forward them this article.

    The Bigger Picture

    The FortiBleed campaign shows how business security problems quickly become personal security crises. Hackers know that people reuse passwords, and they exploit that human habit ruthlessly. This breach won't be the last of its kind. Staying informed about major credential thefts and checking whether your information was compromised has become as important as locking your front door.

    How GetCyberRight Can Help

    Our Breach Monitor tool tracks major data breaches, including the FortiBleed campaign. Enter your email address to see if your credentials appear in known breach datasets. We'll show you exactly which breaches affected you and what information was stolen, so you know precisely which passwords to change. Knowledge is the first step to protection.
