Deloitte says it's been hacked

Delia Watkins
September 26, 2017

According to media reports, Deloitte is reported to have launched an internal inquiry in the hack - codenamed "Windham" - which has been running since the last six months.

Deloitte - one of the big four accounting firms in the world - confirmed to the Guardian, it had hacked but said only a small number of its clients had been impacted.

According to the report, Deloitte discovered the breach in March of this year.

The data accessed is said to be so sensitive in nature that only Deloitte's most senior partners and lawyers were informed of the attack. Two-factor authentication would have alerted the account owner of the unauthorized access, and may have prevented the attacker from accessing it outright.

Deloitte said it immediately contacted government authorities and the affected clients after discovering the hack, which stemmed from a breach in an email platform, the firm said in a statement.

So far, six of Deloitte's clients have been told their information was "impacted" by the hack.

Emails to and from Deloitte's 244,000 staff were stored in the Azure cloud service, which was provided by Microsoft.

Our review enabled us to determine what the hacker did and what information was at risk as a result.

Quake in North Korea briefly stokes nuclear fears
On its website, the USGS said that it "cannot conclusively confirm at this time the nature (natural or human-made) of the event". We can not conclusively confirm at this time the nature (natural or human-made) of the event", the USGS said.

Last week, several small businesses in the USA filed a class-action lawsuit against credit rating firm Equifax, representing millions of others affected by the breach of personal data, which included names, dates of birth, email addresses and telephone numbers.

The attack was believed to have been focused on the U.S operations of the company, which provides auditing, tax advice and consultancy to multinationals and governments worldwide.

A measure of Deloitte's concern came on 27 April when it hired the USA law firm Hogan Lovells on "special assignment" to review what it called "a possible cybersecurity incident".

The financial regulatory agency said its network was hacked a year ago, possibly allowing intruders to make money by seeing crucial financial information before everyone else.

"Deloitte remains deeply committed to ensuring that its cyber security defences are best in class, investing heavily in protecting confidential information and to continually reviewing and enhancing cyber security".

Deloitte is just the latest firm to fall victim to a high-profile cybersecurity breach. Internal investigators say they've been able to follow an electronic trail that shows major clients were the point of interest.

"This is why multi-factor access control such as two-factor authentication is important, especially for admins".

Deloitte also operates in Canada.

Other reports by PlayStation Move reviews

Discuss This Article