Tech Translated

IT Security & Technology Blog

Practical IT insights for Australian businesses. Our team covers cybersecurity advisories, compliance updates, and plain-English explainers on the technology your business relies on, published regularly as the landscape shifts.

Security alert graphic for the FortiBleed Fortinet VPN credential leak

FortiBleed leak exposes Fortinet VPN logins: check yours now

A newly uncovered data leak dubbed "FortiBleed" has exposed working VPN and admin credentials for roughly 75,000 Fortinet FortiGate firewalls around the world, as reported by BleepingComputer. Security researchers who reviewed the data confirmed that many of the usernames and passwords are genuine, and that most of the affected firewalls are still online. The credentials appear to have come from exported FortiGate configuration files and include usernames, email addresses and plaintext passwords.

Why This Matters for Australian Businesses

FortiGate firewalls sit right at the edge of the network in a huge number of Australian businesses. They're the front door, and everything else sits behind them. If your firewall's credentials are in this dump, an attacker can log in over SSL VPN and walk straight into your network, then move sideways to your servers, files and Microsoft 365.

When client or staff personal information is exposed in an attack like that, it stops being just an IT headache and becomes a reporting obligation under the Privacy Act's Notifiable Data Breaches scheme.

What to Do Right Now

Check whether your firewall appears in the leak. Hudson Rock has published a free FortiBleed lookup tool. Whether you're affected or simply not sure, take these steps immediately:

  • Rotate every VPN and admin password on your FortiGate now
  • Enforce multi-factor authentication on all VPN accounts
  • Get the firewall's management interface off the public internet
  • Review your VPN logs for any logins you don't recognise
CISA has already issued the same advice to all Fortinet users. If you're running a FortiGate, act on this today.

Not sure if you're exposed?

Our cybersecurity team can check your exposure, rotate credentials and lock down remote access before anyone takes advantage of it.


Related Guide

Cybersecurity for Sydney SMBs

Explore our complete guide to protecting your business from cyber threats.

Read the Full Guide →