Accountancy firm Deloitte has reportedly been hit by a cyber-attack that’s resulted in secret client emails being revealed.
According to The Guardian, a “sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients,” went unnoticed by the firm for months.
The report says that Deloitte’s customers across the banking sector, media, pharmaceuticals, and government firms all had material in the email system that was breached.
According to the report, six of Deloitte’s clients have been told that their information has been impacted by the hack.
The Guardian said that the hacker may have had access to the system as far back as October or November, with Deloitte only discovering it in March.
Sources told the publication that an “administrator’s account” is believed to have been accessed and that gave the hacker “in theory” broad access to all areas.
In addition to the emails, which were stored in Microsoft Azure, allegedly being breached, the Guardian alleges that hackers may have also had access to usernames, passwords, IP addresses, architectural diagrams for businesses and health information.
An internal enquiry, codenamed “Windham” is said to be underway and a US law firm called Hogan Lovells was hired back on April 27th under “special assignment” to review a “possible cybersecurity incident.”
Deloitte confirmed to the Guardian that it had been hacked, but played down how many clients may have been impacted.
The NCSC Director predicts more ‘category one’ cyber attacks
How many records have been stolen this year already?
How to prepare for a cyber-attack
“In response to a cyber incident, Deloitte implemented its comprehensive security protocol and began an intensive and thorough review including mobilising a team of cybersecurity and confidentiality experts inside and outside of Deloitte,” a spokesman said.
“As part of the review, Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators.
“The review has enabled us to understand what information was at risk and what the hacker actually did, and demonstrated that no disruption has occurred to client businesses, to Deloitte’s ability to continue to serve clients, or to consumers.
“We remain deeply committed to ensuring that our cybersecurity defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cybersecurity. We will continue to evaluate this matter and take additional steps as required.
“Our review enabled us to determine what the hacker did and what information was at risk as a result. That amount is a very small fraction of the amount that has been suggested.”
Javvad Malik, security advocate at AlienVault, said: “The unfortunate incident demonstrates that even the largest of organisations can sometimes overlook fundamental security practices such as not enabling two-factor authentication on administrative accounts.”
“It also highlights the importance of ongoing monitoring and threat detection so that any malicious activity can be detected and responded to in a timely manner.”