Deloitte suffers major cyber attack

Deloitte discovered breach in March, but its systems could have been vulnerable since October 2016 - report

Another week, another report of a major cyberattack hitting a global firm.

Following on from an attack which exposed millions of Equifax customer details earlier this month, The Guardian is reporting Deloitte has been similarly targeted by an especially sophisticated hack.

It is believed confidential emails and plans of Deloitte's blue-chip clients have been exposed in an attack that went unnoticed for months. Reports suggest Deloitte learned of the breach in March, but its systems could have been vulnerable since October 2016.

Advertisement - Article continues below

A hacker, or group of hackers, was able to break into Deloitte's systems by compromising an email server via an "administrator's account". This would have given the attackers full access to the company, and such accounts typically have two-factor authentication enabled.

Deloitte, one of the world's largest private accountancy firms, manages clients such as banks, publishers as well as government agencies, and it is thought companies spanning the full range of Deloitte's clients could be at risk.

A spokesperson for Deloitte said in a statement emailed to IT Pro: "The attacker accessed data from an email platform. The review of that platform is complete."

From the review, the company said it has determined that only very few clients were impacted, and that no disruption has occurred to clients' businesses, to Deloitte's ability to continue to serve clients, or to consumers.

Advertisement
Advertisement - Article continues below

"Deloitte remains deeply committed to ensuring that its cyber security defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cyber security," the spokesperson added.

Advertisement - Article continues below

As part of its response to the incident, Deloitte is contacting each of the affected clients, and the spokesperson said it contacted the relevant governmental authorities as soon as it knew of the incident.

It is now implementing initiating "an intensive and thorough review which included mobilising a team of cyber security and confidentiality experts inside and outside of Deloitte".

Picture: Bigstock

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement

Recommended

Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020
Visit/security/cyber-security/355267/zoom-hires-ex-facebook-cso-to-boost-platform-security
cyber security

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

8 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020

Most Popular

Visit/software/video-conferencing/355257/taiwan-first-country-to-ban-zoom-amid-security-concerns
video conferencing

Taiwan becomes first country to ban Zoom amid security concerns

8 Apr 2020
Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/security/cyber-security/355271/microsoft-gobbles-up-corpcom-domain-to-keep-it-from-hackers
cyber security

Microsoft gobbles up corp.com domain to keep it from hackers

8 Apr 2020