In a notable incident, Deloitte experienced a data breach discovered in March 2017. The attackers potentially had access to the company's systems since late 2016. The breach involved confidential information of some of its clients, with access gained through an account on the firm's email server.

How many accounts were compromised?

The breach impacted data related to six of Deloitte's clients.

What data was leaked?

The data exposed in the breach included confidential emails and plans of Deloitte's blue-chip clients, usernames, passwords, IP addresses, architectural diagrams for businesses, health information, intellectual property, product specifications, manufacturing techniques, and personally identifiable information (PII).

How was Deloitte hacked?

The Deloitte cyber-attack occurred when a hacker gained access to the firm's global email server through an administrator's account, which provided unrestricted access to all areas. The account only required a single password and lacked two-step verification, making it vulnerable to unauthorized access.

Deloitte's solution

In response to the hack, Deloitte took several measures to enhance its security and prevent future incidents. The company implemented a comprehensive security protocol and initiated an intensive review, which included mobilizing a team of cybersecurity and confidentiality experts both inside and outside of Deloitte. They also committed to ensuring that their cybersecurity defenses are best in class by investing heavily in protecting confidential information and continually reviewing and enhancing cybersecurity measures. Deloitte has been in contact with the impacted clients and notified governmental authorities and regulators. To further evaluate the matter and take additional steps as required, Deloitte is working on understanding what information was at risk and what the hacker actually did, demonstrating that no disruption has occurred to client businesses or Deloitte's ability to continue serving clients.

How do I know if I was affected?

Deloitte reached out to the six clients whose data was impacted by the breach. For those concerned about their credentials being compromised in this or other data breaches, they can visit Have I Been Pwned to check if their email has been involved in any known data breaches.

What should affected users do?

In general, affected users should:

• Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

• Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

• Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and any other important online accounts. Consider enabling this additional security feature to significantly reduce the risk of unauthorized access.

• Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the appropriate parties.

For more specific help and instructions related to Deloitte's data breach, please contact Deloitte's support directly.

Where can I go to learn more?

If you want to find more information on the Deloitte data breach, check out the following news articles:

• Deloitte hit by cyber-attack revealing clients’ secret emails