According to Sept. 25 report from The Guardian, Deliotte, a multinational auditing, tax consultancy and cybersecurity firm was the victim of an information hack.
During the cybersecurity breach it was estimated that five million emails could have been accessed, in addition to many gigabytes of sensitive information related to Deliotte's customers.
The security breach was made possible by an exploitation of the company's cloud-based email server, Azure, which housed emails from its clients and its own internal communications alike.
"These are targeted attacks on financial opportunity."
By logging into the email through an administrator's account, the data thief, or thieves as it's undetermined if there one or multiple attackers, granted themselves access to potentially every segment of the system's contents, according to a Deliotte statement given to The Guardian.
Deloitte was founded in London but is currently headquartered in New York and has locations in over 150 countries, as mentioned on the company website. It provides its services to some of the world's largest banks, pharmaceutical companies and other international enterprises and reported a record $37 billion in revenue last year.
Deloitte told The Guardian six clients were notified of their information being affected in some way, but would not remark on their identities.
The company is said to have discovered the hack in March but there is speculation the illegal operators had access to Deloitte's emails as far back as October or November 2016.
Hack details are scare but concerns are mounting
Along with emails, the data thieves potentially had access to company IP addresses, usernames, passwords, financial data, health information and architectural diagrams for businesses.
Mark Rasch, a former federal cybercrimes prosecutor, told Reuters it was too early to determine how serious or impactful the security breach was because specific and official details are still so scarce. He said the case is still worrisome because of how sensitive the information is that Deliotte has about its customers. Business units that review potential acquisitions data, provide accounting services and detail cybersecurity measures could all potentially be exploited for gain by criminals following this incident.
"These are targeted attacks on financial opportunity," said Shane Shook, an independent consultant who helps finance companies investigate instances of hacking, to Reuters. "This trend is going to continue to grow."
It's important for customers and business owners alike to be aware of the risks of information breaches. Proactively protecting oneself or one's customers from these risks is a priority that everyone in the consumer market should address.