INFRA
INFRA
INFRA
Hackers breach Deloitte’s email system, compromise client data
Yet another data breach at a major company has come to light.
In a statement released this morning, global accounting giant Deloitte LLP revealed that hackers had compromised its internal email system. A report in The Guardian cited sources familiar with the matter as saying that the deployment held approximately 5 million messages. The tipsters claim that some of them contained passwords, diagrams and other confidential information belonging to the company’s clients.
Yet despite the scope of the breach, Deloitte said that “very few” customers were impacted. The Guardian’s sources claim the company has notified six organizations that their information had been compromised as part of the hack.
The attack seems to have exploited a poorly secured administrator’s account. In particular, Deloitte reportedly neglected to require the affected staffer to use multifactor authentication.
“Judging by the lack of multifactor authentication, it’s very likely that the brute force attack took place via web access to the email server,” commented Fleming Shi, senior vice president of technology at Barracuda Networks Inc. In other words, the attackers may have simply remotely guessed the email administrator’s password.
Given the compromised account’s weak security and the sheer amount of data on the line, Deloitte may have gotten off easy. This is especially true in light of the fact that the company apparently took quite some to detect the breach. According to the sources who shared the details of the incident, the hackers may have had access to the email system as early as October 2016.
With that said, the data that did get impacted by the breach could still pose a major problem. Deloitte works with many of the world’s largest corporations as well as numerous government agencies in the U.S. Plus, the attack may eventually turn out to be wider in scope than initially thought.
Deloitte said that it has brought the relevant authorities into the loop. The revelation of the breach comes only a few weeks after word got out that attackers have hacked credit reporting agency Equifax Inc. and stolen the personal information of 143 million consumers.
Image: Pixabay
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
