Tuesday, 26 September 2017


Corporate finance giant Deloitte suffered a cyber-attack that compromised confidential data, including the private emails of some of its clients, the company has confirmed.

Its system had been accessed via an email platform and "very few" clients had been affected, Deloitte said.

The Guardian reported the attack had been discovered in March but could have happened months earlier.

Deloitte said it had contacted those whose data had been accessed.

It did not confirm exactly how many people had been affected or how much information had been compromised.

Deloitte carries out auditing, consultancy, tax and financial advice services for clients worldwide.

For the year ending on 31 May, it reported revenues of of $38.8bn (£29bn).
Email addresses

Prof Alan Woodward, cyber-security expert at Surrey University, told the BBC that private email addresses alone were valuable data for hackers.

"Many people expect their email address to be in the public domain," he said.

"But what most people have done when dealing with confidential matters is they have a second address - and it looks like it is that one that may have been let out here.

"Is it immediately going to be mean people's data will be breached? Not really - but the secondary, more confidential email addresses mean phishing can become much more sophisticated."

Phishing is an attempt by criminals to get valuable information, such as banking login details, by pretending to be emailing from an official source.

It is more likely to succeed if it is sent to an address that regularly receives correspondence from the real organisation.

No comments :

Post a comment