Deloitte Hacked; Emails And Documents of Its Clients Were Accessed

Cyber-attack hits accounting giant Deloitte with clients' details, passwords and emails stolen

The Guardian reported that six Deloitte clients have already confirmed that the hack had impacted their data.

Accountancy giant Deloitte has been the victim of a cyber-attack that has compromised its global clients' confidential emails and intellectual property.

One of the biggest accounting firm Deloitte found that it had been hacked in March and hackers got access to its systems.

A hacker, or group of hackers, was able to break into Deloitte's systems by compromising an email server via an "administrator's account".

Two-factor authentication requires a second level of authentication above and beyond a password - usually a code sent to a user's mobile phone, to ensure the person accessing the account is the intended user.

The firm said it contacted "governmental authorities immediately after it became aware of the incident".

Six of Deloitte's clients have so far been told their information was "impacted" by the breach, according to The Guardian, and a Deloitte spokesperson told Computer Weekly that "very few" clients had been affected. The hackers had access to up to 5 million sensitive emails and documents of its clients.

"No disruption has occurred to client businesses, to Deloitte's ability to continue to serve clients, or to consumers", a spokeswoman said in a statement.

According to the newspaper, the attack breached the company email system and allowed the hackers "access to all areas".

An administrative account was used by the attacker to gain unfettered access to the company's cloud email service, hosted through Microsoft Azure, with the administrator's account reportedly not having two-factor authentication turned on. In 2012, research and advisory firm Gartner named Deloitte the best cybersecurity consultant in the world.

The attack was believed to have been focused on the US operations of the company, which provides auditing, tax advice and consultancy to multinationals and governments worldwide.

Deloitte claims that only a small fraction of its clients have been affected by this breach.

The financial regulatory agency said its network was hacked past year, possibly allowing intruders to make money by seeing crucial financial information before everyone else.

Deloitte also operates in Canada.