Security Alert: If Your Business Uses Fortinet Network Equipment, Take Action Now

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a security problem affecting Fortinet devices. Hackers have obtained usernames and passwords for approximately 74,000 Fortinet firewalls and VPN gateways. These devices are used by businesses and government organizations to protect their networks and allow employees to connect remotely. Criminals are now using these stolen credentials to break into organizations. This threat primarily affects workplaces, not home users. If you work for a company or organization that uses Fortinet equipment for network security or remote access, your employer's systems could be at risk.

While this is not something most families use at home, it could affect where you work. If hackers get into your workplace network, they could access company data, employee information, or launch further attacks. If you work in IT or manage technology at your organization, take these steps immediately:

1. Change all passwords on Fortinet devices right away.
2. Enable multi-factor authentication if it is not already active.
3. Review access logs for any suspicious login activity.
4. Update Fortinet devices to the latest security patches. For employees who are not in IT, contact your IT department or security team to ask if your organization uses Fortinet equipment and what steps are being taken to protect systems. This incident is a reminder that even security equipment can become a target. At work, always use strong, unique passwords for any systems you access. Enable multi-factor authentication whenever your employer offers it. If you notice anything unusual when logging into work systems, such as unexpected password reset requests or unusual account activity, report it to your IT department immediately. Staying alert helps protect not just your workplace, but also the personal information of employees and customers.