Ransomware gang claims Deloitte UK


Brain Cipher, a ransomware gang that emerged in early June 2024, claims to have stolen 1TB of data from Deloitte UK. Deloitte says its systems haven't been impacted and is investigating the claims.

Deloitte is a multinational professional services network, one of the so-called “big four” accounting and audit firms.

“We are aware of the claims by the threat actor. Our investigation indicates that the allegations relate to a single client’s system which sits outside of the Deloitte network. No Deloitte systems have been impacted,” Deloitte spokesperson told Cybernews.

ADVERTISEMENT

Brain Cipher has listed the Deloitte United Kingdom affiliate on its victim site on the dark web and claims to have stolen more than 1TB of compressed data. The countdown timer gives the company less than 11 days to react. It has until December 15th, 2024.

“Unfortunately, giant companies do not always do their job well,” the hackers claim.

The ransomware gang hints that the company did not observe “elementary points” of information security and threatens to release more information about the incident, data samples, and others.

“We will show excellent (not) monitoring work, and tell what tools we used, and use there today,” the gang said.

“We will compare the contract between the customer and the contractor (Deloitte.com) with the results of its execution.”

jurgita vilius Konstancija Gasaityte profile Ernestas Naprys
Get our latest stories today on Google News

According to SentinelOne, Brain Cipher targets multiple critical industries and governmental organizations and engages in multi-pronged extortion. It posts victims on its TOR-based data leak site, and its malicious payloads are based on LockBit. Phishing and spear phishing are the gang's primary initial access vectors.

Updated on December 6th [07:45 a.m. GMT] with a statement from Deloitte.

ADVERTISEMENT