Skip to main content

Deloitte hit by major cybersecurity breach

One of the world's top accountancy companies has been hit by a targeted cyber-attack that apparently released details of secret client emails.

Deloitte, one of the so-called 'big four' firms, saw its company email system breached by unknown hackers who were able to gain access to client accounts and all the details within.

Hackers were able to use an unsecured administrator's account to access the emails, meaning details including usernames, passwords, IP addresses and more were accessible.

The account, reportedly for Microsoft's Azure cloud platform, which hosted Deloitte's email, did not use two-step authentication, meaning it only required a single password to access.

The attack reportedly went unnoticed for several months, according to the Guardian, which states that clients in multiple sectors, including banks, media companies, pharmaceutical firms and even government agencies could all be affected.

Deloitte's internal investigation into the incident is still ongoing, but the Guardian says that the breach is thought to have begun around October or November 2016.

The company confirmed to the Guardian that it had been the victim of "a cyber incident", but that only a small amount of clients (thought to number six unidentified US organisations) have so far been told their accounts were affected by the the hack.

“In response to a cyber incident, Deloitte implemented its comprehensive security protocol and began an intensive and thorough review including mobilising a team of cybersecurity and confidentiality experts inside and outside of Deloitte,” a spokesman said.

“The review has enabled us to understand what information was at risk and what the hacker actually did, and demonstrated that no disruption has occurred to client businesses, to Deloitte’s ability to continue to serve clients, or to consumers.

“We remain deeply committed to ensuring that our cybersecurity defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cybersecurity. We will continue to evaluate this matter and take additional steps as required."

Michael Moore
Michael Moore is News and Features Editor working across both ITProPortal and TechRadar Pro. He has worked as a technology journalist for more than five years, including spells at one of the UK's leading national newspapers. He is interested in hearing about all the latest news and developments across the Business IT world, and how companies are using new technology to help push forward their work and make their customer's lives easier.