Hacker IntelBroker claims breach of Deloitte internal messages

The threat actor IntelBroker, associated with the cybercriminal forum BreachForums claims responsibility for a data breach involving Deloitte, a global leader in auditing and consulting.

The breach was caused a Apache Solr server, part of the Deloitte's IT infrastructure, left accessible to the internet with default login credentials. This vulnerability provided unauthorized access to:

• internal communications and settings,
• email addresses
• intranet messages between Deloitte users.

The number of affected individuals is not disclosed.

IntelBroker, shared evidence of the breach on BreachForums. Deloitte has not commented on the breach claims.

Update - as of 24th of September 2024, Deloitte confirmed a data breach but stated the impact is limited, with no threat to client or other sensitive data, according to their investigation. The company is addressing the situation while maintaining that no critical data was compromised.