Another day, another data breach…
A major cyberattack has been reported at Deloitte, one of the world’s “big four” accounting firms.
Security experts believe that the breach may have started in October of 2016 and extended through this past March. Deloitte has been investigating the breach for the last several months, and is just now releasing information to the public about the incident.
In the attack, hackers were able to successfully breach a server where they gained access to the private emails of Deloitte’s clients — at least 5 million in total. It is possible that hackers were able to obtain passwords, usernames, IP addresses, workers’ health records and business plans.
Sources indicate that the breach originated from an administrator’s account that was password-protected, but not fortified with two-step verification (like security questions or a personal identification number). Deloitte has not yet announced which clients were impacted. However, has been revealed that one affected client was the U.S. government.
As of right now, it remains unclear as to where the attack originated. The investigation is ongoing.
The key lesson from this incident is that businesses need to do more to protect their private accounts. Strong passwords need to be used at all times, and enforced by IT. Also, two-step verification is imperative. If two-step verification had been used in this situation, hackers may have been unable to get inside of the network.
Apex Technology Services is actively monitoring the situation and will provide further updates when they arise.
For more information about Apex — premier cybersecurity consultants serving Greater New York City, Connecticut and beyond — click here.
A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.
To ensure your security, consider one of our most popular services — Auditing & Documentation — which pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.