Up to 350 Deloitte clients reportedly affected by recent server hack

The recent cyber attack affecting consultancy firm Deloitte was much more widespread than previously thought, with the data breach compromising a server containing the email addresses of 350 clients, including four US government departments.

The Guardian reports that the most recent cyber attack, first reported last month, was initially much more widespread than previously thought, citing sources alleging that it affected major US government sources as well as some major multinational companies.

Previously, Deloitte had claimed the cyber attack, which reportedly took place over a number of months, had only impacted six clients, but the latest report claims that outfits including the US departments of state, energy, homeland security and defense, as well as the US Postal Service were affected.

Other bodies reported to have been compromised in the attack include US mortgage guarantee bodies Fannie Mae and Freddie Mac, plus the world governing body of soccer Fifa, with Deloitte no denying the claims when given right to reply, according to the title.

A Deloitte spokesperson said: “We dispute in the strongest terms that Deloitte is ‘downplaying’ the breach. We take any attack on our systems very seriously. We are confident that we know what information was targeted and what the hacker actually did. Very few clients were impacted, although we want to stress that even when one client is impacted, that is one client too many. We have concluded that the attacker is no longer in Deloitte’s systems and haven’t seen any signs of any subsequent activities. Our review determined what the hacker actually did. The attacker accessed data from an email platform. The review of that platform is complete.”

The marketing industry’s most high profile attack occurred earlier this year when WPP was subject to a global cyber attack, resulting in some of its agencies effectively being out of operation for week, with chief executive officer Sir Martin Sorrell telling The Drum the financial impact was in the region of £15m.

The Drum understands that WPP, which is a client of Deloitte, was not one of those affected by the breach.