Deloitte UK Targeted by Brian Cipher Ransomware Attack
Deloitte UK, one of the worldās leading professional services firms, has fallen victim to a significant cyberattack involving the Brian Cipher ransomware. The attack has reportedly compromised an estimated 1TB of sensitive data, raising serious concerns regarding the security of its infrastructure. In response to this breach, Deloitte has acknowledged the gravity of the situation and initiated a thorough investigation. However, experts suggest that the process may take some time before precise details about the breach are uncovered.
The Brian Cipher ransomware, which first emerged in July 2024, gained early notoriety after it successfully targeted and crippled an Indonesian government data center. This attack appears to be a part of a broader trend where sophisticated threat actors exploit vulnerabilities in corporate networks to gain unauthorized access. It is believed that the attackers leveraged a weakness in Deloitteās network security to infiltrate its systems, potentially making off with sensitive client data, proprietary software blueprints, and confidential financial documents.
Although the attackās full extent is yet to be confirmed, sources suggest that the breach may have far-reaching implications. The stolen data could include critical information about Deloitteās internal IT infrastructure, exposing vulnerabilities in its systems and procedures. The company has stated that it is monitoring the situation closely and is committed to providing further updates as its investigation progresses. Deloitte has indicated that more detailed findings are expected by early next week, though the true scale of the breach may take longer to fully assess.
On December 6,2024, Deloitte condemned the claims of Brian Cipher as false.
British Telecom Targeted by Black Basta Ransomware Group
In a separate but equally concerning development, British Telecom (BT) has reportedly fallen victim to an attack by the notorious Black Basta ransomware group. Over recent weeks, media outlets in the United States have been rife with reports of targeted cyber-attacks against multiple telecom operators, with the Salt Typhoon hacking group being identified as the primary actor behind espionage-related campaigns against several entities.
However, the focus has now shifted to British Telecom, a major UK-based telecommunications provider with over 100,000 users. The Black Basta ransomware group allegedly breached BTās network, leading to potential data theft and subsequent sale of the stolen information on the dark web. While BT has not yet confirmed the specifics of the attack, sources suggest that the hackers may have gained unauthorized access to critical data, including corporate information from BTās servers.
In an official statement released earlier today, British Telecom acknowledged the attempted infiltration of its conferencing platform servers, which was attributed to the Black Basta group. However, the company stopped short of confirming whether any data had been successfully siphoned or sold. The ongoing investigation is expected to determine the full impact of the attack and whether any confidential corporate data has been compromised.
As of now, the investigation is still in its early stages, and BT has not provided further details on the scope of the breach. The company has assured its customers that it is taking all necessary measures to secure its systems and prevent future incidents. The situation remains fluid, and more information will likely emerge in the coming days as the investigation progresses.
