Deloitte hacked, compromising its clients' emails

The consulting firm confirmed it was the victim of a cyberattack but said the impact was small.

Ben Fox Rubin Former senior reporter

Ben Fox Rubin was a senior reporter for CNET News in Manhattan, reporting on Amazon, e-commerce and mobile payments. He previously worked as a reporter for The Wall Street Journal and got his start at newspapers in New York, Connecticut and Massachusetts.

See full bio

Ben Fox Rubin

Sept. 25, 2017 7:26 a.m. PT

hacking-security-hackers-federal-liberty-computers-2816.jpg — Usernames, passwords and IP addresses may have also been compromised in the cyberattack.
James Martin/CNET

The consulting firm Deloitte was hit with a cyberattack that may have revealed the emails of its government and corporate clients, The Guardian reported Monday.

Deloitte uncovered the hack in March, but hackers may have had access to the company's systems as far back as October.

The attack is among a series of hacks against major organizations in the past few months, with breaches hitting the Securities and Exchange Commission and credit agency Equifax.

The hackers appeared to breach the email servers by using an "administrative account," which may have had broad access to the company's emails, the publication said.

In addition to emails, hackers may have accessed usernames, passwords, IP addresses and health information.

In an emailed statement, Deloitte confirmed it was hacked, but said "only very few clients were impacted" and "no disruption" to client businesses occurred.

The company added that it went through a "comprehensive security protocol" and thoroughly reviewed the hack. It also contacted authorities immediately after it found out about the incident and contacted each of the clients affected.