Hackers Breached Deloitte, One of The "Big Four" Accounting Firms

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Deloitte, one of the world's biggest accounting, auditing, and corporate finance consulting firms, has suffered a data breach.

The breach, according to a UK newspaper citing an inside source, took place in around October or November 2016 but was not detected until after six months, in March 2017.

The hackers allegedly broke in after managing to take over one of the email server admin accounts. The hack was facilitated because the admin user did not use two-factor authentication for the account.

"In a hack of this scale, criminals or spies will continue to reap dividends years down the road," Kenneth Geers, senior research scientist at Comodo told Bleeping Computer via email.

"The attack has gone on for at least six months, so the hackers may have been able to cover their tracks and/or install backdoors for future use," Geers added. "An admin username and password to a global email server is like a digital Swiss Army knife to corporate and client secrets. It is inexcusable for such an admin account not to have two-factor authentication."

Hackers accessed customer information, confidential emails

Over 244,000 Deloitte employees were using the email server. The company started an investigation into the hack but had never gone public with what happened.


The Guardian reported that hackers might have gotten their hands on confidential emails, IP addresses, business plans, architectural diagrams, and health information. Some email file attachments also contained usernames and passwords belonging to US companies and governmental agencies that had contracts with Deloitte.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top