Deloitte Cyber Attack Affects Few Clients
Deloitte was the latest to announce they had been the victim of a cyber attack. So far, only six of Deloitte’s clients were affected by the hack. However, Deloitte declined to identify them by name or industry.
Deloitte is an accounting, auditing, and financial tax consultancy service firm registered I London but based in New York City. Deloitte also runs a cyber security line of business that investigates data breaches.
Like the recent Equifax breach, the hackers went unnoticed for a significant amount of time before the data breach was discovered. Also like Equifax’s cyber attach, Deloitte decided to announce the cyber attack months later. Deloitte claims the breach was announced only to senior executives due to the sensitivity of the data.
According to a report by the Guardian, Deloitte discovered the cyber attack in March 2017. The accounting firm suspects the cyber attack may have been going on since November 2016 however. It is unknown who the hackers are or who they were working for.
The hacker compromised the firm’s Azure cloud email service by using an administrator’s account. Theoretically, that admin access level allowed the hacker an all-access, unrestricted login to any data. Possible hacked data includes usernames, passwords, IP addresses, architectural diagrams for businesses, security, and design details, and health data. Approximately 5 million emails are on the cloud service and could have been compromised by the hackers.
The admin account required only a single password and did not have “two-step” verification enabled. Two-step verification is an additional layer of security for online account logins. This additional security requires to enter a code sent to a verified smartphone or respond to a verification email sent to a pre-approved email address.
Deloitte opened an internal investigation to try and reconstruct the hacker’s path and establish exactly what information hacker(s) actually accessed.