One of the world’s biggest accountancy firms had been targeted by a sophisticated cyber attack that has compromised the confidential emails of some of its blue-chip clients.
Deloitte is one of the ‘big four’ global accountancy firms and one of the largest private companies in the US, with a reported £27.3bn revenue last year. According to The Guardian it was the victim of a hack that went unnoticed for up to six months.
Sources speaking to the paper confirmed the breach, which affected mostly US clients, was regarded as so sensitive that only a handful of the company’s most senior partners and lawyers were informed.
Article continues belowThe Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Customers who have had confidential information compromised are believed to include some of the world’s biggest banks, multinationals, pharmaceutical firms and US government agencies.
It is believed the hacker compromised the firm’s global email server and gained access to an estimated five million emails, user names, passwords, IP addresses and health records stored in Deloitte’s Azure cloud service, provided by Microsoft.
It is not yet known whether a lone wolf, business rivals or state-sponsored hackers carried out the attack, but it “is a deep embarrassment for Deloitte, which offers potential clients advice on how to manage the risks posed by sophisticated cybersecurity attacks”, says The Guardian.
Deloitte has said it will wait until completing its own internal review before commenting on the full extent and origin of the attack.