Deloitte: Difference between revisions

← Older edit

Deloitte (view source)

Revision as of 23:13, 14 March 2025

8 bytes removed , 14 March

m

Text replacement - "The Guardian" to "The Guardian"

CargoAdmin, Bureaucrats, Moderators (CommentStreams), fileuploaders, Interface administrators, newuser, Push subscription managers, Suppressors, Administrators

5,223

edits

@@ Line 265: / Line 265: @@
 ===E-mail hack===
-In September 2017, ''[[The Guardian]]'' reported that Deloitte suffered a cyberattack that breached the confidentiality of its clients and 244,000 staff, allowing the attackers to access "usernames, passwords, IP addresses, architectural diagrams for businesses and health information". Reportedly, Deloitte had stored the affected data in Microsoft's [[Microsoft Azure|Azure]] cloud hosting service, without [[two-step verification]]. The attackers were thought to possibly have had access from as early as October 2016.<ref name="guardsep2017">{{cite web|url=https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails|title=Deloitte hit by cyber-attack revealing clients' secret emails|first=Nick|last=Hopkins|date=25 September 2017|access-date=10 October 2017|website=The Guardian}}</ref> [[Brian Krebs]] reported that the breach affected all of Deloitte's email and [[Superuser|administrative user]] accounts.<ref>{{cite web|url=https://krebsonsecurity.com/2017/09/source-deloitte-breach-affected-all-company-email-admin-accounts/|title=Source: Deloitte Breach Affected All Company Email, Admin Accounts – Krebs on Security|website=krebsonsecurity.com|access-date=10 October 2017}}</ref><ref>{{cite magazine|url=https://www.wired.com/story/security-news-of-the-week-deloitte-sonic-whole-foods-breach/|title=Security News This Week: The Deloitte Breach Was Worse Than We Thought|magazine=Wired|access-date=9 November 2017}}</ref> A later report by ''The Wall Street Journal'' repeated Deloitte's statement that only a few clients were affected. Deloitte said that neither its services nor its clients' businesses were disrupted. Deloitte reportedly first noticed suspicious activity in April 2017. Deloitte said that no sensitive information was compromised and that its investigators were eventually able to read every email obtained by the hackers.<ref name="WallCyber">{{cite news|last1=Rapoport|first1=Michael|title=New York Investigates Deloitte Cyberbreach|newspaper=The Wall Street Journal|date=13 October 2017}}</ref>
+In September 2017, ''The Guardian'' reported that Deloitte suffered a cyberattack that breached the confidentiality of its clients and 244,000 staff, allowing the attackers to access "usernames, passwords, IP addresses, architectural diagrams for businesses and health information". Reportedly, Deloitte had stored the affected data in Microsoft's [[Microsoft Azure|Azure]] cloud hosting service, without [[two-step verification]]. The attackers were thought to possibly have had access from as early as October 2016.<ref name="guardsep2017">{{cite web|url=https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails|title=Deloitte hit by cyber-attack revealing clients' secret emails|first=Nick|last=Hopkins|date=25 September 2017|access-date=10 October 2017|website=The Guardian}}</ref> [[Brian Krebs]] reported that the breach affected all of Deloitte's email and [[Superuser|administrative user]] accounts.<ref>{{cite web|url=https://krebsonsecurity.com/2017/09/source-deloitte-breach-affected-all-company-email-admin-accounts/|title=Source: Deloitte Breach Affected All Company Email, Admin Accounts – Krebs on Security|website=krebsonsecurity.com|access-date=10 October 2017}}</ref><ref>{{cite magazine|url=https://www.wired.com/story/security-news-of-the-week-deloitte-sonic-whole-foods-breach/|title=Security News This Week: The Deloitte Breach Was Worse Than We Thought|magazine=Wired|access-date=9 November 2017}}</ref> A later report by ''The Wall Street Journal'' repeated Deloitte's statement that only a few clients were affected. Deloitte said that neither its services nor its clients' businesses were disrupted. Deloitte reportedly first noticed suspicious activity in April 2017. Deloitte said that no sensitive information was compromised and that its investigators were eventually able to read every email obtained by the hackers.<ref name="WallCyber">{{cite news|last1=Rapoport|first1=Michael|title=New York Investigates Deloitte Cyberbreach|newspaper=The Wall Street Journal|date=13 October 2017}}</ref>
 In October 2017, ''The Guardian'' reported that client accounts compromised in the breach included, but were not limited to, the [[US Department of Defense]], the [[US Department of Homeland Security]], the [[US State Department]], the [[US Department of Energy]], mortgage companies [[Fannie Mae]] and [[Freddie Mac]], the [[National Institutes of Health]] (NIH), and the [[US Postal Service]].<ref>{{cite web|url=https://www.theguardian.com/business/2017/oct/10/deloitte-hack-hit-server-containing-emails-from-across-us-government|title=Deloitte hack hit server containing emails from across US government|first=Nick|last=Hopkins|date=10 October 2017|access-date=10 October 2017|website=The Guardian}}</ref> Fannie Mae and Freddie Mac issued statements saying they were not affected by the attack and denied that any of their data was compromised.<ref name="BankerCyber">{{cite news|last1=Berry|first1=Kate|title=Fannie, Freddie not affected by Deloitte breach, GSEs say|url=https://www.americanbanker.com/news/fannie-freddie-not-impacted-by-deloitte-breach-gses-say|access-date=6 December 2017|publisher=American Banker|date=10 October 2017}}</ref>
@@ Line 272: / Line 272: @@
 ===Carillion===
-Deloitte had acted as internal auditor at construction and services giant [[Carillion]] before it went into liquidation in January 2018. The "excoriating" and "damning" (''[[The Guardian]]'')<ref name="Davies-16May2018">{{cite news|last1=Davies|first1=Rob|title='Recklessness, hubris and greed' – Carillion slammed by MPs|url=https://www.theguardian.com/business/2018/may/16/recklessness-hubris-and-greed-carillion-slammed-by-mps|access-date=16 May 2018|work=The Guardian|date=16 May 2018}}</ref> final report of the Parliamentary inquiry into Carillion's collapse was published on 16 May 2018, and criticised Deloitte for its involvement in the company's financial reporting practices:
+Deloitte had acted as internal auditor at construction and services giant [[Carillion]] before it went into liquidation in January 2018. The "excoriating" and "damning" (''The Guardian'')<ref name="Davies-16May2018">{{cite news|last1=Davies|first1=Rob|title='Recklessness, hubris and greed' – Carillion slammed by MPs|url=https://www.theguardian.com/business/2018/may/16/recklessness-hubris-and-greed-carillion-slammed-by-mps|access-date=16 May 2018|work=The Guardian|date=16 May 2018}}</ref> final report of the Parliamentary inquiry into Carillion's collapse was published on 16 May 2018, and criticised Deloitte for its involvement in the company's financial reporting practices:
 {{blockquote|Deloitte were responsible for advising Carillion’s board on risk management and financial controls, failings in the business that proved terminal. Deloitte were either unable to identify effectively to the board the risks associated with their business practices, unwilling to do so, or too readily ignored them.<ref name="Carillion report conclusion">{{cite book|title=Carillion: Second Joint report from the Business, Energy and Industrial Strategy and Work and Pensions Committees of Session 2017–19|url=https://publications.parliament.uk/pa/cm201719/cmselect/cmworpen/769/769.pdf|date=2018|publisher=House of Commons|location=London|page=91|access-date=16 May 2018}}</ref>}}