Deloitte hit by cyber attack, emails possibly compromised

According to a report by The Guardian, accounting and consulting giant Deloitte is today the latest global firm to succumb to a cyber attack.

The firm had reportedly known about the breach since March 2017, but hackers may have been able to access data on Deloitte’s systems since October 2016.

By compromising an administrator account that lacked a two-factor authentication system, the attackers theoretically had “access to all areas”, The Guardian notes.

Along with emails from the company employees, the attackers may have been able to access usernames, passwords, IP addresses and other sensitive information stored as attachments.

An administrator account lacking two-factor authentication is at the root of Deloitte’s cyber attack

Those affected by the hack are said to include “US governmental departments” and “household names”.

In response to questions by the British publication, the company revealed that it has mobilised a security team to investigate the hack, while it noted that a “very small fraction of the amount” of information suggested was actually compromised.

Some on social media weren’t so sure.

Live video from outside Deloitte HQ: pic.twitter.com/OebzrPPoS6

— Jerry Bell (@Maliciouslink) September 25, 2017

The news of the hack comes after the firm last week posted record revenues of US$39-billion globally. But Deloitte isn’t the only global firm to come under the security spotlight in recent weeks.

Earlier this month, US credit reporting agency Equifax revealed that an attack may have compromised as many as 143-million Americans’ personal information.

Feature image: Benson Kua via Flickr (CC BY-SA 2.0, resized)