New York City-based accounting firm Deloitte was struck with a cyberattack that gave hackers access to company emails and potentially confidential client information, reports The Guardian.
The hack, which was discovered in March, enabled attackers to access data from an email platform that lacked two-factor authentication, a spokesman for the firm told The Hill. According to The Guardian, hackers potentially had access to the company's systems as far back as October or November 2016.
The breach may have compromised 5 million emails stored in the company's Microsoft Azure cloud service, including usernames, passwords, IP addresses, business diagrams and other sensitive information.
A review of the breach revealed "very few clients were impacted" and "no disruption has occurred to client businesses, to Deloitte's ability to continue to serve clients or to consumers," the spokesman told The Hill. So far, Deloitte has notified six clients their information may have been affected, reports The Hill.
More articles on cybersecurity:
SEC breach shows need for stronger private, public sector cybersecurity efforts, says Senate Dem.
New York woman steals 3 patients' identities to pay for 'Brazilian butt lift'
HITRUST, AMA partner to offer physicians cyber risk education