A ransomware group that identifies itself as Brain Cipher has made a data breach claim involving Deloitte UK through a post. The hackers have claimed to possess 1TB of compressed data and shared a sample of the leaked data to gain authenticity on their claim.
The Brain Cipher ransomware group came to light earlier this year and has been active throughout the year. The group engages in multi-pronged extortion, hosting a TOR-based data leak site. They had also claimed responsibility for breaking into Indonesia’s Temporary National Data Center, which disrupted the country’s services. The Brain Ciphers had initially asked for $8 million in return for the decryption key but later shared the key for free with the Indonesian organization.
In response to the breach claim, Deloitte’s spokesperson said that the initial investigations indicate that a single client’s system seems to have been impacted, and these systems are deployed out of Deloitte’s network. The ransomware group had quoted in their post, “giant companies do not always do their jobs well,” and gave a deadline of 10 days, till 15th December, to respond to their threat. The post also said it would unveil how “the elementary points of information security are not observed by Deloitte.”
Further details are yet awaited, but the breach claim surely would make a few of Deloitte’s customers worry a bit. Though the breach does not seem to have penetrated Deloitte’s system, a dent in their reputations cannot be ruled out. The organization will surely take its time to investigate the claim and then release a formal statement about the incident. We shall keep an eye on the developments and keep our readers informed.
