A hacker released almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While many appliances with the exploited Fortinet vulnerability have since been patched, many VPN credentials seem still to be valid. With these VPN credentials access to a network can be gained to perform data exfiltration, install malware, and perform ransomware attacks.
