Deloitte said it believed the hack had only “impacted” six clients, and that it was confident it knew where the hackers had been. Deloitte has insisted its internal inquiry, codenamed Windham, found that only six clients had information that had been compromised. It is all deeply embarrassing.”The Guardian has been told Deloitte did not at the time have multi-factor authentication as standard on the server that was breached. The expert said the migration to the new email system would have “utterly complicated the kind of forensic investigation required to see what had happened”. “A hacker has got into Deloitte’s email system and been undetected for months, and only six clients have been compromised?

Source: The Guardian October 10, 2017 10:52 UTC