FortiBleed: Why This Cyber Attack Is Different And What You Need To Do Now
The problem
There’s a new cyber threat making headlines and it’s not what most people expect.
FortiBleed is a global campaign targeting Fortinet firewalls and VPN systems. These are the tools many organisations rely on to protect their network perimeter.
What makes this one different is simple.
It’s not caused by a software bug.
It’s caused by stolen and reused credentials.
Security researchers found a database of real, working usernames and passwords linked to tens of thousands of devices across 194 countries.
This means attackers are not guessing or trying to break in. They already have the keys.
The attack uses automated scanning and password testing at huge scale, along with techniques to capture and crack login data from live systems.
Even more concerning, this is still ongoing.
And because this is about identity rather than a vulnerability, simply updating your firewall won’t fix it.
Why this matters to your business
If your organisation uses Fortinet devices, or any internet-facing firewall or VPN, you could be exposed without realising it.
Here’s why this is serious:
- There’s no quick patch
This isn’t something you can fix with an update. It relies on leaked or reused passwords. - Access means full control
Firewalls sit at the edge of your network. If attackers get in, they can change rules, intercept traffic, and move into your internal systems. - Old credentials can still be valid
Even updated systems may still hold weaker password formats until users log in again or reset them. - Attackers don’t stop at one system
Once inside, they can move through your business and target critical systems.
In short, this is not just an IT issue. It’s a business risk.
What you should do right now
If you use Fortinet firewalls or VPNs, you shouldn’t wait.
Start with these steps:
- Check if you’ve been exposed
Use trusted tools to see if your domain or IP appears in the leaked data. - Reset all passwords immediately
Change every administrator and VPN password, especially on internet-facing systems. - Turn on multi-factor authentication
This adds a second layer of protection and can stop attackers even if they have a password. - Lock down remote access
Make sure your firewall management and VPN access are not open to the public internet unless absolutely necessary. - Review logs and activity
Look for unusual login times, unknown IP addresses, or unexpected accounts. - Strengthen credential security
Use modern password protection methods and remove older, weaker formats.
These are immediate actions. They reduce your exposure straight away.
How Bespoke IT can help
We know this can feel overwhelming. You might be thinking, “Are we already affected?” or “Are we doing enough?”
That’s exactly where we come in.
At Bespoke IT, we take a practical approach:
- We check if your systems have been exposed
- We review your firewall and VPN setup
- We reset and secure credentials properly
- We put stronger protections in place, including multi-factor login
- We look for signs of suspicious activity and hidden access
Most importantly, you’ll speak to real people who act quickly and explain things clearly.
The benefit to you
You get clarity, not uncertainty.
You’ll know if you’ve been affected, what needs fixing, and how your systems are protected going forward.
No guesswork. No gaps.
Just a secure, stable setup that keeps your business running as it should.
Take action today
FortiBleed isn’t going away, and waiting increases the risk.
If you’re unsure whether your business is exposed, it’s worth checking now.
Get in touch with Bespoke IT today and we’ll help you find out quickly and fix anything that needs attention.
“












