A sophisticated cyber attack on accountancy firm Deloitte has reportedly compromised the confidential emails and plans of some of its blue-chip clients, the Guardian reported, adding that the hackers might have accessed its client's usernames, passwords and personal details.
Deloitte, which is registered in London and has its global headquarters in New York, fell against a cyber attack that they caught in March but it is possible that the breach might have begun last October or November.
The hacker compromised the firm's global email server through an "administrator's account" that, in theory, gave them privileged, unrestricted "access to all areas", the report said late on Monday.
Deloitte, which reported a record $37 billion revenue last year, provides high-end cybersecurity advice to some of the world's biggest banks, multinational companies, media enterprises, pharmaceutical firms and government agencies.
Six of Deloitte's clients were told that their information, which was stored in the Microsofts' Azure cloud service, was "impacted" by the hack.
Meanwhile, Deloitte confirmed that it fell victim to a hack and insisted "only a small number of its clients have impacted".
"In response to a cyber incident, Deloitte implemented its comprehensive security protocol and began an intensive and thorough review including mobilising a team of cybersecurity and confidentiality experts inside and outside of Deloitte," a spokesperson was quoted as saying.
"The review has enabled us to understand what information was at risk and what the hacker actually did, and demonstrated that no disruption has occurred to client businesses, to Deloitte's ability to continue to serve clients, or to consumers," the spokesperson added.
Deloitte did not tell which of its clients, that include US government agencies, have been impacted, but said: "As part of the review, Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators."
The company said it would continue to evaluate the matter and take additional steps as required.
