Security consulting firm Deloitte hacked exposing millions of emails

Deloitte email servers compromised in long-running attack

Consulting firm Deloitte - one of the world's biggest security consulting firms - has seen its email servers hacked and millions of emails exposed.

It is the latest big-name organisation to be cracked by hackers in an attack that has exposed its entire email system.

And reports this morning suggest that the attack could be down to lax practices by the company, after the company seemingly left an Active Directory server with RDP ports open and exposed on the internet.

The first reports came via The Guardian, and come just a week after credit-reference agency Equifax suffered a massive data breach, exposing the personal information of 143 million US citizens.

The report suggests that the hackers were able to break into Deloitte's systems using an unsecured administrator's account, giving them full access to the company's five million cloud-hosted emails.

Hackers are said to have accessed confidential emails and plans of Deloitte's blue-chip clients, along with usernames, passwords, IP addresses, architectural diagrams for businesses and health information.

Deloitte first learned of the breach in March, according to the Guardian, but its systems could have been vulnerable since October 2016.

The company confirmed to The Guardian that it had been the victim of "a cyber incident", but claimed that only a small amount of clients have so far been informed that their accounts were affected by the hack.

According to the report, six of Deloitte's clients - which include some of the world's biggest banks, multinational companies, media enterprises, pharmaceutical firms and government agencies - have been notified.

"In response to a cyber incident, Deloitte implemented its comprehensive security protocol and began an intensive and thorough review including mobilising a team of cybersecurity and confidentiality experts inside and outside of Deloitte," a Deloitte spokesperson said.

"As part of the review, Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators.

"The review has enabled us to understand what information was at risk and what the hacker actually did, and demonstrated that no disruption has occurred to client businesses, to Deloitte's ability to continue to serve clients, or to consumers.

"We remain deeply committed to ensuring that our cybersecurity defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cybersecurity. We will continue to evaluate this matter and take additional steps as required."

It is not yet known who is responsible for the attack, with The Guardian noting that the organisation has yet to establish whether a lone wolf, business rivals or state-sponsored hackers were to blame.