A notorious hacker has announced the theft of data from an improperly protected server allegedly belonging to Deloitte.
The hacker known as IntelBroker announced late last week on the BreachForums cybercrime forum the availability of “internal communications” obtained from Deloitte, specifically an internet-exposed Apache Solr server that was accessible with default credentials.
The hacker claims the stolen data includes email addresses, communications between intranet users, and internal settings.
The data is available for download to the hacking forum’s active users or those who have purchased credits.
The audit and consulting giant has confirmed being aware of the claims and a statement provided to SecurityWeek suggests that the company did indeed suffer a data breach, but impact is limited.
“Our investigation has found no threat to client data or other sensitive data related to this incident,” Deloitte said in an emailed statement.
BreachForums has been used by many hackers to announce allegedly successful attacks on high-profile companies, but their claims are often false or exaggerated.
Malwarebytes on Monday looked at posts advertising data leaks allegedly impacting SpaceX and the White House, but the cybersecurity firm concluded that “it’s probably not worth giving it the time of day”.