URGENT Security Alert: FortiBleed — 86,000 Fortinet Firewalls Compromised in Massive Credential Theft Campaign
**Published: June 27, 2026 | Litzsey Tech Services** **If your business uses a Fortinet FortiGate firewall or VPN, stop what you're doing and read this. Your admin credentials may already be in the hands of attackers.** --- ## What Happened A large-scale credential theft campaign — dubbed **FortiBleed** — has compromised verified administrator credentials for over **86,644 Fortinet FortiGate firewalls** across **194 countries**. That represents roughly **half of all internet-facing FortiGate devices worldwide**. The campaign was first discovered on June 13, 2026 by security researcher Volodymyr "Bob" Diachenko, who found an exposed threat-actor server containing a growing database of working login credentials for thousands of firewalls and VPN gateways. By June 19, the confirmed count had swelled to over 86,000 devices. **CISA (the Cybersecurity and Infrastructure Security Agency) issued an emergency advisory on June 18, urging all Fortinet customers to take immediate har...
