Deloitte is conducting an internal review to see how breach happened in March, but says just a fraction of emails are impacted
Accounting giant Deloitte has suffered a data breach that exposed confidential emails about some of its biggest clients.
According to The Guardian, Deloitte discovered the hack in March but it is possible the perpetrators had access to its systems since October 2016.
The hackers reportedly gained access to email servers through an administrator account which required just one password and was not protected by two factor authentication.
As many as five million Deloitte emails are stored on Microsoft’s Azure cloud platform, but the company said just a fraction were affected. It is claimed that the hackers had potential access user name, passwords and IP addresses, alongside attachments with potentially sensitive information.
An internal review team is investigating the breach but it is unclear who was behind it. Only a “handful” of the most senior partners were informed of the breach and some affected clients have been informed.
It is also believed the attack was focused on the US.
“In response to a cyber incident, Deloitte implemented its comprehensive security protocol and began an intensive and thorough review including mobilising a team of cybersecurity and confidentiality experts inside and outside of Deloitte,” a spokesman told The Guardian.
“As part of the review, Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators.
“The review has enabled us to understand what information was at risk and what the hacker actually did, and demonstrated that no disruption has occurred to client businesses, to Deloitte’s ability to continue to serve clients, or to consumers.”
The breach is the latest in a number of high profile incidents, most notably one affecting US credit agency Equifax that impacts half the US population.
“Deloitte is a ripe target because of the company’s position right at the top of the corporate food chain,” said Tony Pepper, CEO of cybersecurity firm Egress. “They work with some of the biggest organisations on earth, at the very highest level, which is like a red rag to a bull for hackers.
“Whilst it hasn’t been confirmed exactly what was stolen, compromised mail servers can be a good source of sensitive information for an attacker, allowing them to siphon off message content and attachments.
Do you know all about security in 2017? Try our quiz!