This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Deloitte

Summary

In late September 2024, threat actor IntelBroker claimed to have exfiltrated email addresses and internal communications from Deloitte after the firm accidentally exposed an Apache Solr server to the internet. Deloitte stated there was no sign client data was at risk despite IntelBroker's claims. In December 2024, Brain Cipher ransomware separately listed Deloitte UK claiming over 1TB stolen, though Deloitte indicated only one client system was involved, suggesting limited impact.

What Happened

Deloitte inadvertently exposed an Apache Solr server publicly, allowing IntelBroker to access email addresses and internal company intranet communications.

Impact on Individuals

The breach exposed Deloitte employee email addresses and internal communications but reportedly did not compromise client data.

Organisational Response

Deloitte confirmed limited impact with no client data at risk from the September incident.

Verification Source: View original statement