One of the biggest accounting firm Deloitte found that it had been hacked in March and hackers got access to its systems. The company also believes that hackers may have access to email system since October or November 2016. The hackers had access to up to 5 million sensitive emails and documents of its clients.
Hackers got access to Deloitte’s email server through an administrator account and this account was not secured using two-factor authentication (2FA). So, hackers got unrestricted access to Deloitte’s Microsoft-hosted email mailboxes.
Deloitte offers tax, auditing, operations consulting, cybersecurity advisory, and merger and acquisition assistance services to several government agencies, private companies, and large Fortune 500 multinationals. So, it has big clients affected by this attack.
Deloitte claims that only a small fraction of its clients have been affected by this breach. It also notified six of its clients that hackers were able to access “usernames, passwords, IP addresses, architectural diagrams for businesses and health information,”
The company also runs a “CyberIntelligence Centre” that assists in data security. It was also named as best cybersecurity consultant in the world back in 2012 by Gartner. So, this breach is an embarrassing moment for the company.