Date of Breach: September 2024
Total Data: Multiple internal communications and email addresses
🚨 Organization Overview:
Deloitte is one of the largest auditing and financial services firms in the world, offering services related to auditing, consulting, tax, risk management, and financial advisory. The breach targeted the company’s internal communications, specifically exposing sensitive data from its intranet systems.
🌍 Country: Global (Headquartered in the USA)
🔗 Website: Deloitte
📊 Overview of the Data Leaked by the Hacker:
The data breach was caused by an exposed Apache Solr server, which was left open with default login credentials. This server hosted internal emails and communications, and the hacker was able to access various internal documents and files.
Compromised Data Includes:
– Internal email addresses
– Communications between intranet users
– Internal settings and configurations
📢 Recommendations for Affected Users/Organizations:
1. Reset passwords for all internal systems and verify that no unauthorized access occurred.
2. Audit all exposed servers to ensure proper access controls are in place, especially for critical systems such as Apache Solr or any other web-facing systems.
3. Monitor internal communications for any signs of further breach or malicious activity.
4. Notify affected clients and partners, especially if their data may have been exposed during this breach.
#databreach #cybersecurity #Deloitte #DataGuardAlert #InternalData #IntranetBreach #ApacheSolr
We See What Others Cannot
