Skip to main content
    If Your Business Uses Fortinet Security Software, Take Action Now
    Cybersecurity
    Important
    2 min read

    If Your Business Uses Fortinet Security Software, Take Action Now

    Criminals stole login credentials from Fortinet security systems and are using them to break into business networks and install ransomware.

    Source

    BleepingComputer

    Original headline: FortiBleed credential-theft campaign linked to Lynx ransomware

    Plain-English summary by GetCyberRight. Read the full report at the source above.

    Published Wednesday, July 1, 2026Updated Thursday, July 2, 20262 min read
    Share:

    A large campaign to steal passwords from Fortinet security systems has been connected to ransomware attacks. Fortinet makes security equipment that many businesses use to protect their networks. Criminals stole login credentials from these systems in what is being called the FortiBleed campaign. Those stolen passwords are now being used by ransomware groups called INC and Lynx to break into company networks, lock up files, and demand payment. This matters to families because if you work for a company that uses Fortinet equipment, your employer could be targeted. A ransomware attack on your employer could mean your personal employee information (Social Security number, address, banking details for direct deposit) gets stolen. It could also mean your workplace shuts down temporarily, affecting your paycheck and job security. If your spouse or adult children work for small to medium businesses, they are especially at risk since these companies often use Fortinet products.

    What you should do right now:

    1. Tell your IT department at work about this threat if you know your company uses Fortinet products (you can ask your IT team directly).
    2. Change your work computer password and any passwords you use to access work systems from home.
    3. Back up any important work files you are allowed to keep copies of to a personal drive or cloud storage.
    4. Never use your work passwords for personal accounts, and vice versa.
    5. If your company experiences a ransomware attack and your personal employee data is affected, immediately freeze your credit with all three credit bureaus. For long-term protection, understand that workplace security affects your personal life. Encourage your employer to take cybersecurity seriously by asking questions about how they protect employee data. At home, maintain completely separate passwords for work and personal accounts. Keep offline backups of important personal documents like tax returns, medical records, and family photos on an external hard drive that you disconnect from your computer after backing up. This protects you if either your workplace or home computer gets hit with ransomware.

    Protect Yourself

    Use our Cyber Threat Radar to check if you're affected and take action.

    Found this useful?

    Share it with someone who could use a heads-up.

    Share:

    Curated from trusted cybersecurity sources by GetCyberRight

    Source: BleepingComputer

    Discussion

    0

    Sign in to join the discussion.

    Stay ahead of cyber threats

    Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.