"'Swept under the rug': Deloitte insider says hackers infiltrated 'entire email database' Source close to the probe told Brian Krebs the attack was worse than reported... But now, a source close to the firm's investigation has told cybersecurity journalist Brian Krebs that the situation is worse than previously reported. 'I think it's unfortunate how we have handled this and swept it under the rug,' the insider said. 'It wasn't a small amount of emails like reported. They accessed the entire email database.'... The source said that the professional services giant – formally Deloitte Touche Tohmatsu Limited – also has no idea how long the hackers were inside its systems..." http://www.ibtimes.co.uk/swept-unde...ers-infiltrated-entire-email-database-1640894 Krebs: "...Deloitte has sought to downplay the incident, saying it impacted “very few” clients. But according to a source close to the investigation, the breach dates back to at least the fall of 2016, and involves the compromise of all administrator accounts at the company as well as Deloitte’s entire internal email system..." https://krebsonsecurity.com/2017/09...ch-affected-all-company-email-admin-accounts/
"Deloitte hack hit server containing emails from across US government Exclusive: Cyber-attack was far more widespread than firm admits, say sources, with data from as many as 350 clients in compromised system The hack into the accountancy giant Deloitte compromised a server that contained the emails of an estimated 350 clients, including four US government departments, the United Nations and some of the world’s biggest multinationals, the Guardian has been told... The Guardian has established that a host of clients had material that was made vulnerable by the hack, including: • The US departments of state, energy, homeland security and defence. • The US Postal Service. • The National Institutes of Health. • “Fannie Mae” and “Freddie Mac”, the housing giants that fund and guarantee mortgages in the US Football’s world governing body, Fifa, had emails in the server that was breached, along with four global banks, three airlines, two multinational car manufacturers, energy giants and big pharmaceutical companies. The Guardian has been given the names of more than 30 blue-chip businesses whose data was vulnerable to attack, with sources saying the list 'is far from exhaustive'..." https://www.theguardian.com/busines...r-containing-emails-from-across-us-government