Case Study: Rescana’s Comprehensive Approach to Mitigating Third-Party Risks Following the Belsen Group’s Fortinet Data Leak

Background

In January 2025, the Belsen Group, a newly identified hacking collective, leaked VPN credentials and configuration data for over 15,000 Fortinet FortiGate firewalls. The breach, tied to a 2022 compromise, placed thousands of organizations and their third-party partners at immediate risk. The leaked data appeared on the dark web, raising concerns about exploitation of vulnerable assets and potential compliance violations.

Rescana's Immediate Actions

  1. Identification of Affected Assets
    Rescana used its advanced asset discovery tools to scan client environments and third-party connections for FortiGate devices matching leaked IPs and configurations.
  2. Vulnerability Assessment
    Using AI-driven analysis, Rescana assessed whether impacted devices were vulnerable to CVE-2022-40684 an authentication bypass flaw linked to the attack.
  3. Third-Party Risk Management (TPRM) Response
    Recognizing supply chain exposure, Rescana extended its risk assessment services to third-party vendors, ensuring the same security standards were enforced.
  4. Patch Management Support
    Clients and their partners received step-by-step guidance for remediating CVE-2022-40684, ensuring updates were applied effectively and promptly.
  5. Credential Rotation Strategy
    To counter leaked VPN credentials, Rescana helped orchestrate wide-scale password rotations for administrative and remote access accounts.
  6. Continuous Monitoring & Threat Intelligence
    Clients benefited from real-time network monitoring and ongoing updates on Belsen Group activities, enabling early detection of exploitation attempts.

Outcome

Thanks to Rescana’s immediate and thorough response, affected organizations and their third-party ecosystems were able to rapidly secure exposed assets. This approach significantly reduced the risk of data breaches and reinforced long-term resilience across the supply chain.

Magic Stone is here for you!

Whether you’re protecting internal systems or managing complex vendor networks, third-party risk is real. As a trusted Rescana partner, Magic Stone Cyber Security helps organizations of all sizes gain visibility, automate monitoring, and take swift action when the unexpected hits. Join the Magic Stone family and take control of your cybersecurity with solutions built for today’s evolving threat landscape.

Share:

More Case Studies...

Blijf up-to-date! met de nieuwsbrief van Magic Stone

Schrijf je nu in en ontvang als eerste belangrijke updates en nieuws.

Schakel JavaScript in je browser in om dit formulier in te vullen.
Accepteren

Op zoek naar verkoopondersteuning of heeft u een algemene vraag?

Heeft u een verkoopvraag of een algemene vraag? Stuur ons een bericht en wij reageren zo snel mogelijk.
Schakel JavaScript in je browser in om dit formulier in te vullen.
Selectievakjes

"Door dit formulier in te dienen, gaat u akkoord met ons Privacybeleid en geeft u toestemming aan Magic Stone Cyber Security om uw gegevens op te slaan en te verwerken om op uw aanvraag te reageren."

Dit zal sluiten in 0 seconden

Scroll naar boven