Deloitte discovered the hack in March 2017, but it is believed the attackers may have had access to its systems since October or November 2016. The cybercriminals compromised the company’s global email server through an “administrator’s account” that gave them privileged “access to all areas”. The account required only a single password and did not have ”two-step“ verification, sources said.
The hackers had potential access to usernames, passwords, IP addresses, architectural diagrams for businesses and health information. Some emails had attachments with sensitive security and design details. The breach might have been US-focused and was regarded as so sensitive that only a handful of Deloitte’s most senior partners and lawyers were informed.
Deloitte confirmed it had been the victim of a hack, but insisted only a small number of its clients had been “impacted”. The Guardian was told an estimated 5 million emails were in the ”cloud” and could have been accessed by the hackers. Nevertheless, the company said the number of emails that were at risk was a fraction of this number but declined to elaborate.
Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators. It declined to say which government authorities and regulators it had informed, or when, or whether it had contacted law enforcement agencies.
Deloitte provides auditing, tax consultancy and high-end cybersecurity advice to some of the world’s biggest banks, multinational companies, media enterprises, pharmaceutical companies and government agencies. The company is registered in London and has its global headquarters in New York.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now