Security Affairs
Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Deloitte denied its systems were hacked by Brain Cipher ransomware group

Deloitte has responded to claims by the Brain Cipher ransomware group, which alleges the theft of over 1 terabyte of the company’s data. Recently, the ransomware group Brain Cipher added Deloitte UK to its Tor leak site. The gang claimed to have stolen one terabyte of compressed data from the company. A Deloitte spokesperson addressed […]

Deloitte hack

Deloitte has responded to claims by the Brain Cipher ransomware group, which alleges the theft of over 1 terabyte of the company’s data.

Recently, the ransomware group Brain Cipher added Deloitte UK to its Tor leak site. The gang claimed to have stolen one terabyte of compressed data from the company.

A Deloitte spokesperson addressed claims made by the ransomware gang, stating that the source of data is a single client’s system, which is not linked to the company’s network. The company emphasized that its systems were not affected, based on their ongoing investigation.

The hackers are threatening to make the stolen files available in five days from now, unless a ransom is paid. 

“We are aware of the claims by the threat actor. Our investigation indicates that the allegations relate to a single client’s system which sits outside of the Deloitte network. No Deloitte systems have been impacted.” a Deloitte spokesperson told SC UK.

The Brain Cipher ransomware group has been active since at least April 2024. On June 20, 2024, the group targeted an Indonesian data center causing the disruption of around 210 critical government services, including customs and immigration. The cyber attack also caused significant airport delays. The Brain Cipher ransomware group initially demanded an $8 million ransom but later released the decryptor for free.

In September 2017, the accountancy firm giant revealed that was targeted by a sophisticated attack that compromised the confidential emails and plans of some of its blue-chip clients.

According to The Guardian, which first reported the incident, hackers may have accessed company customers’ emails along with usernames, passwords and personal details of top accountancy firm’s blue-chip clients.

In addition to emails, hackers had potential access to IP addresses, architectural diagrams for businesses and health information.

The newspaper described the breach as a “deep embarrassment” due to the efforts of the firm in the cybersecurity industry.

Deloitte discovered the hack in March 2017, and according to The Guardian, the attackers may have had access to the company systems since October or November 2016.

The attackers hacked into the Deloitte global email server through an “administrator’s account” that allowed them to have full access to any area of the accountancy firm.

Deloitte has faced hacking claims twice recently. In September, the popular threat actor IntelBroker claimed to have stolen sensitive data, but Deloitte stated the no sensitive data was exfiltrated.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)