Deloitte, one of the big four accounting firms, was the target of a data breach. The cyber attacker gained access to a global email server through an administrator’s account, which did not have two-step verification.

By being able to login with just a single password, the hacker could potentially have had unrestricted access to sensitive information across all areas. Aside from emails, passwords, and usernames, the privileged information at risk also included architectural diagrams for businesses.

The cyberattack, which occurred about a year ago, was not discovered until March of 2017. To date, six customers have been told their information was impacted. Meanwhile, the investigation continues.

Read the full story here.