Case Study: Rescana – Mitigating Third-Party Risks Following the Belsen Group’s Fortinet Data Leak

Background

In January 2025, the Belsen Group, a newly identified hacking collective, leaked VPN credentials and configuration data for more than 15,000 Fortinet FortiGate firewalls.

The leak was linked to a 2022 compromise and immediately exposed thousands of organizations and their third-party partners to potential risk.

The stolen data later appeared on the dark web. As a result, concerns grew around exploitation of vulnerable systems, ransomware exposure, and possible compliance violations.

Rescana's Immediate Actions

  1. Identification of Affected Assets
    Rescana used its advanced asset discovery tools to scan client environments and third-party connections for FortiGate devices matching leaked IPs and configurations.
  2. Vulnerability Assessment
    Using AI-driven analysis, Rescana assessed whether impacted devices were vulnerable to CVE-2022-40684 an authentication bypass flaw linked to the attack.
  3. Third-Party Risk Management (TPRM) Response
    Recognizing supply chain exposure, Rescana extended its risk assessment services to third-party vendors, ensuring the same security standards were enforced.
  4. Patch Management Support
    Clients and their partners received step-by-step guidance for remediating CVE-2022-40684, ensuring updates were applied effectively and promptly.
  5. Credential Rotation Strategy
    To counter leaked VPN credentials, Rescana helped orchestrate wide-scale password rotations for administrative and remote access accounts.
  6. Continuous Monitoring & Threat Intelligence
    Clients benefited from real-time network monitoring and ongoing updates on Belsen Group activities, enabling early detection of exploitation attempts.

Outcome

Thanks to Rescana’s immediate and thorough response, affected organizations and their third-party ecosystems were able to rapidly secure exposed assets. This approach significantly reduced the risk of data breaches and reinforced long-term resilience across the supply chain.

Magic Stone is here for you!

Whether you’re protecting internal systems or managing complex vendor networks, third-party risk is real. As a trusted Rescana partner, Magic Stone helps organizations of all sizes gain visibility, automate monitoring, and take swift action when the unexpected hits. Join the Magic Stone family and take control of your cybersecurity with solutions built for today’s evolving threat landscape.

Share:

More Case Studies...

Blijf up-to-date! met de nieuwsbrief van Magic Stone

Schrijf je nu in en ontvang als eerste belangrijke updates en nieuws.

Looking for Sales Assistance or have a General Inquiry?

Got a sales question or a general inquiry? Send us a message and we’ll respond as soon as possible.

Please enable JavaScript in your browser to complete this form.
Checkboxes

By submitting this form you agree to our Privacy Policy and consent to Magic Stone Cyber Security storing and processing your information to respond to your enquiry.

Follow us

This will close in 0 seconds

Scroll to Top