The Guardian broke the news on Monday that Deloitte’s security had been breached by hackers. Cybercriminals might have accessed financial and personal data from as many as six clients of the accounting firm, according to the report.
Deloitte, which is considered one of the Big Four companies in global accounting services, might have been breached almost a year ago, although it only came to know about it back in March. Hackers gained access to an administrator account, which in turn let them potentially access millions of emails.
The attack could be potentially harmful judging by the precautions the firm has allegedly taken in advance, while concerns grow in the industry after Equifax’s disaster. Almost 150 million accounts were compromised as a result of the massive hack, and sensitive information ranging from banking data to passports was accessed.
Deloitte hit by cyber-attack revealing clients’ secret emails https://t.co/mWNekzi4fA
— The Guardian (@guardian) September 25, 2017
Emails, passwords, IP addresses, and more might have been stolen
According to The Guardian, Deloitte has informed six of their clients about the potential impact of the hack on their businesses, but the company has neither denied nor confirmed these claims when questioned by other media outlets.
Inside sources said the hackers managed to breach the firm’s tight security by taking advantage of a user with administrative privileges that didn’t have two-factor authentication enabled to log in. From there, they technically had “access to all areas” of the global server.
Deloitte uses Microsoft Azure as its cloud service, and all of their nearly 250,000 employees’ messages and correspondence were stored on the platform. An approximate 5 million emails could have been potentially accessed along with their contents.
Access to the platform, theoretically, also gave them potential access to other sensitive data like usernames, passwords, personal information like health records, IP addresses, other types of credentials, confidential Deloitte documents, and all attachments included in the emails.
Deloitte has confirmed an email breach, but statement is pretty sparse saying only a few clients impacted and investigation is ongoing.
— briankrebs (@briankrebs) September 25, 2017
Deloitte has been aware of the breach since March
Sources close to Deloitte told The Guardian that the firm had realized they were breached earlier in March this year. The attack itself, however, happened as far back as October or November 2016, according to preliminary analyses made by the company.
On April 27, Deloitte hired the law firm Hogan Lovells to conduct an internal investigation of a potential cybersecurity incident. “Legal advice and assistance” will be provided by the Washington firm on matters pertaining to the breach.
Several Fortune 500 companies make up the bulk of Deloitte’s client catalog, including big banks, government agencies in the U.S. and the U.K., and more staple firms from North America and Europe.
Rivals that complete the Big Four include PwC, KPMG, and EY. Last year, Deloitte reported almost $40 billion in revenue worldwide. The firm is working closely with law enforcement to solve the issue, although the FBI wouldn’t confirm if they were involved in the investigation.
Source: The Guardian