Deloitte, an accounting firm, revealed that a sophisticated breach hijacked its global email server.
The Guardian first reported the incident, claiming that hackers may have obtained usernames, passwords, and personal information of high-profile clients of prominent accounting firms, in addition to emails belonging to corporate customers.
Besides emails, the hackers had access to IP addresses, company architectural blueprints, and health data.
Although Deloitte attempted to downplay the incident, it was established that the breach was immediately reported to government authorities and the impacted clients. In my opinion, incidents of this nature are always significant.
Source: https://securityaffairs.com/63414/data-breach/deloitte-secrity-breach.html
TPRM report: https://scoringcyber.rankiteo.com/company/deloitte
"id": "del024111223",
"linkid": "deloitte",
"type": "Breach",
"date": "09/2017",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': ['high-profile clients',
                                               'corporate customers'],
                        'industry': 'Accounting',
                        'name': 'Deloitte',
                        'type': 'Accounting Firm'}],
 'attack_vector': 'Email Server Compromise',
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['usernames',
                                              'passwords',
                                              'personal information',
                                              'emails',
                                              'IP addresses',
                                              'company architectural '
                                              'blueprints',
                                              'health data']},
 'description': "A sophisticated breach hijacked Deloitte's global email "
                'server, potentially compromising usernames, passwords, and '
                'personal information of high-profile clients, as well as '
                'emails, IP addresses, company architectural blueprints, and '
                'health data.',
 'impact': {'data_compromised': ['usernames',
                                 'passwords',
                                 'personal information',
                                 'emails',
                                 'IP addresses',
                                 'company architectural blueprints',
                                 'health data'],
            'systems_affected': ['global email server']},
 'initial_access_broker': {'entry_point': 'global email server',
                           'high_value_targets': ['high-profile clients',
                                                  'corporate customers']},
 'motivation': 'Data Theft',
 'references': [{'source': 'The Guardian'}],
 'response': {'communication_strategy': 'Reported to government authorities '
                                        'and impacted clients',
              'law_enforcement_notified': 'Yes'},
 'threat_actor': 'Hackers',
 'title': 'Deloitte Global Email Server Breach',
 'type': 'Data Breach'}