It's currently unclear who was behind the attack, but for the past six months, Deloitte has been investigating the breach of its email server, which exposed some five million emails. Along with emails and their sometimes sensitive attachments, the hackers may have gotten their hands on usernames, passwords, IP addresses, business information and workers' health records. The breach apparently stemmed from an administrator's account that was protected by a password and not two-step verification.
The Guardian reports that six of Deloitte's clients have been notified that their information was affected. A Deloitte spokesperson told the newspaper, "In response to a cyber incident, Deloitte implemented its comprehensive security protocol and began an intensive and thorough review including mobilising a team of cybersecurity and confidentiality experts inside and outside of Deloitte." The review of the breach is ongoing and the company is working to retrace the hacker's steps to see exactly what information was accessed. "The review has enabled us to understand what information was at risk and what the hacker actually did, and demonstrated that no disruption has occurred to client businesses, to Deloitte's ability to continue to serve clients, or to consumers," said the spokesperson.
Deloitte hasn't stated which of its clients, which include US government agencies, have been impacted, but said, "As part of the review, Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators. We remain deeply committed to ensuring that our cybersecurity defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cybersecurity. We will continue to evaluate this matter and take additional steps as required."