IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Deloitte suffers major cyber attack

Deloitte discovered breach in March, but its systems could have been vulnerable since October 2016 - report

Deloitte sign on the side of an office building

Another week, another report of a major cyberattack hitting a global firm.

Following on from an attack which exposed millions of Equifax customer details earlier this month, The Guardian is reporting Deloitte has been similarly targeted by an especially sophisticated hack.

It is believed confidential emails and plans of Deloitte's blue-chip clients have been exposed in an attack that went unnoticed for months. Reports suggest Deloitte learned of the breach in March, but its systems could have been vulnerable since October 2016.

A hacker, or group of hackers, was able to break into Deloitte's systems by compromising an email server via an "administrator's account". This would have given the attackers full access to the company, and such accounts typically have two-factor authentication enabled.

Deloitte, one of the world's largest private accountancy firms, manages clients such as banks, publishers as well as government agencies, and it is thought companies spanning the full range of Deloitte's clients could be at risk.

A spokesperson for Deloitte said in a statement emailed to IT Pro: "The attacker accessed data from an email platform. The review of that platform is complete."

From the review, the company said it has determined that only very few clients were impacted, and that no disruption has occurred to clients' businesses, to Deloitte's ability to continue to serve clients, or to consumers.

"Deloitte remains deeply committed to ensuring that its cyber security defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cyber security," the spokesperson added.

As part of its response to the incident, Deloitte is contacting each of the affected clients, and the spokesperson said it contacted the relevant governmental authorities as soon as it knew of the incident.

It is now implementing initiating "an intensive and thorough review which included mobilising a team of cyber security and confidentiality experts inside and outside of Deloitte".

Picture: Bigstock

Featured Resources

Big data for finance

How to leverage big data analytics and AI in the finance sector

Free Download

Ten critical factors for cloud analytics success

Cloud-native, intelligent, and automated data management strategies to accelerate time to value and ROI

Free Download

Remove barriers and reconnect with your customers

The $260 billion dollar friction problem businesses don't know they have

Free Download

The future of work is already here. Now’s the time to secure it.

Robust security to protect and enable your business

Free Download

Most Popular

How to secure your hybrid workforce
Advertisement Feature

How to secure your hybrid workforce

23 Sep 2022
What your hybrid workforce needs from their laptops
Advertisement Feature

What your hybrid workforce needs from their laptops

21 Sep 2022
Why collaboration is key to digital transformation

Why collaboration is key to digital transformation

13 Sep 2022