Deloitte hacked by stealing admin password
Date: Oct 2, 2017
It was revealed last week that Deloitte was hit by a major cyber attack that compromised its email system and certain client records.
The attack succeeded because the hackers knew the password of a single system administrator.
With that simple piece of information, the hackers were able to gain access to Deloitte’s email services and, according to some reports, extract several gigabytes of data containing the content and details of clients’ email messages and attachments.
The initial report of the Deloitte breach came from the Guardian, which revealed hackers had compromised the “confidential emails and plans of some of its blue-chip clients.” In response, the firm confirmed it had suffered a cyber-attack, but played down the significance by saying “only very few clients were impacted.”
Well-respected security journalist Brian Krebs cites sources close to Deloitte who suggest the hack was likely more severe than that. The sources claimed the hackers accessed the entirety of the firm’s internal email database, and all administrative accounts.
This same source said forensic investigators identified several gigabytes of data being exfiltrated to a server in the United Kingdom. The source further said the hackers had free rein in the network for ‘a long time’ and that the company still does not know exactly how much total data was taken.
Meanwhile, Krebs’ sources say Deloitte has yet to identify the full extent of the attack.
For a key system to rely on a username and password alone for access is a fundamental failure of security, and one that could easily have been fixed by the addition of multi-factor authentication (MFA).
MFA provides maximum flexibility and ease of use, and can be rapidly introduced – thereby ensuring that a lost password no longer offers hackers an easy way into your organisation. Read our guide to choosing the right MFA solution to meet your specific needs.