Deloittes clients affected by data breach

Tuesday 26 September 2017 14:50 CET | News

Deloitte, a popular accountancy company, has been breached, compromising confidential emails and plans of some of its blue-chip clients, according to the Guardian.

Deloitte discovered the hack in March 2017, but it is believed the attackers may have had access to its systems since October or November 2016. The cybercriminals compromised the company’s global email server through an “administrator’s account” that gave them privileged “access to all areas”. The account required only a single password and did not have ”two-step“ verification, sources said.

The hackers had potential access to usernames, passwords, IP addresses, architectural diagrams for businesses and health information. Some emails had attachments with sensitive security and design details. The breach might have been US-focused and was regarded as so sensitive that only a handful of Deloitte’s most senior partners and lawyers were informed.

Deloitte confirmed it had been the victim of a hack, but insisted only a small number of its clients had been “impacted”. The Guardian was told an estimated 5 million emails were in the ”cloud” and could have been accessed by the hackers. Nevertheless, the company said the number of emails that were at risk was a fraction of this number but declined to elaborate.

Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators. It declined to say which government authorities and regulators it had informed, or when, or whether it had contacted law enforcement agencies.

Deloitte provides auditing, tax consultancy and high-end cybersecurity advice to some of the world’s biggest banks, multinational companies, media enterprises, pharmaceutical companies and government agencies. The company is registered in London and has its global headquarters in New York.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Deloitte, data breach, online security, two factor authentication, sensitive data exposed, fraud prevention
Categories: Securing Transactions | Digital Identity, Security & Online Fraud
Countries: World
This article is part of category

Securing Transactions

Industry Events