DELOITTE UK HACKED ?

5 Dec 2024

Deloitte UK, a big 4 accounting firm who provide audit and assurance, tax, consulting and risk and financial advisory services to a broad cross-section of the largest corporations and governmental agencies have apparently been hacked with a large 1TB data breach reported.

A notorious ransomware group, Brain Cipher, has reportedly breached Deloitte UK, claiming to have stolen over 1 terabyte of sensitive data from the global professional services firm.

Background on Brain Cipher

Brain Cipher emerged in June 2024 and quickly gained infamy for targeting organizations worldwide. One of its most prominent attacks disrupted Indonesia’s National Data Center, affecting over 200 government agencies, including critical services like immigration and passport control.

Allegations Against Deloitte UK

In statements shared online, Brain Cipher alleges that their attack has revealed significant vulnerabilities in Deloitte UK's cybersecurity framework. The group claims to have extracted compressed data exceeding 1 terabyte, casting doubt on the data protection measures employed by one of the "Big Four" accounting firms.

Upcoming Disclosures

The ransomware group has hinted at releasing further details about the breach, including:

• Evidence of alleged lapses in security protocols.
• Insights into contractual agreements between Deloitte and its clients.
• Information about Deloitte’s monitoring systems and security tools.
• Examples of compromised data.

Brain Cipher stated, “We will show excellent (not) monitoring work, and tell what tools we used, and use there today.”

Invitation for Negotiation

The group has also invited Deloitte representatives to initiate private discussions via corporate email, indicating a potential attempt at ransom negotiations.

Potential Implications

If confirmed, this breach could have far-reaching consequences, including:

• Exposure of Deloitte UK’s corporate clients to cybersecurity risks.
• Disclosure of confidential business and financial information. mage to Deloitte’s professional reputation and client trust.

Deloitte’s Response

As of now, Deloitte UK has neither confirmed nor denied the alleged breach. The situation is being closely monitored, and further updates will follow as more information becomes available.

LoughTec are cyber security experts, if you want to find out more on how LoughTec can help protect your business see below options. 

• Click to find out more about Security Operations Centre SOC 24-7-365 protection.
• Click to find out more about Ransomware Protection.
• Click to find out more about how much a cyber attack could potentially cost your business.