The Deloitte hack dates to Nov. 2017 but only discovered this year
The Deloitte hack compromised a server that contained the emails of an estimated 350 clients, including four US government departments, the United Nations and some of the world’s biggest multinationals, according to the Guardian.
Hackers gained access to Deloitte’s email system through an administrative account that was not secured using two-factor authentication, The Guardian reports. Emails to and from Deloitte staff were hosted on Microsoft’s Azure cloud service. As well as email, hackers may have had access to “usernames, passwords, IP addresses, architectural diagrams for businesses and health information.”
According to law.com, the Deloitte hack reveals email vulnerabilities and regulatory gaps. The hack represents a breach of Deloitte’s ‘crown jewels,’ experts say, and large financial organizations and multinational corporations are likely among those affected.
Deloitte, which is registered in London and has its global headquarters in New York, was the victim of a cybersecurity attack that went unnoticed for months.
One of the largest private firms in the US, which reported a record $37bn (£27.3bn) revenue last year, Deloitte provides auditing, tax consultancy and high-end cybersecurity advice to some of the world’s biggest banks, multinational companies, media enterprises, pharmaceutical firms and government agencies.
In addition to emails, the Guardian understands the hackers had potential access to usernames, passwords, IP addresses, architectural diagrams for businesses and health information. Some emails had attachments with sensitive security and design details.
The breach is believed to have been US-focused and was regarded as so sensitive that only a handful of Deloitte’s most senior partners and lawyers were informed.
Deloitte’s response to the cyber incident included the following:
- Implementing its comprehensive security protocol and initiating an intensive and thorough review which included mobilizing a team of cyber-security and confidentiality experts inside and outside of Deloitte;
- Contacting governmental authorities immediately after it became aware of the incident; and,
- Contacting each of the very few clients impacted
- The attacker accessed data from an email platform. The review of that platform is complete.
- Importantly, the review enabled us to understand precisely what information was at risk and what the hacker actually did and to determine that:
- Only very few clients were impacted
- No disruption has occurred to client businesses, to Deloitte’s ability to continue to serve clients, or to consumers.
- Deloitte remains deeply committed to ensuring that its cyber-security defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cyber security.