Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish the data it had stolen earlier this week.
However, despite the claims, a Deloitte spokesperson said that its investigation indicates that the allegations relate to a single client’s system outside the Deloitte network.
“No Deloitte systems have been impacted,” the spokesperson said. This statement assures clients and stakeholders that the firm’s internal infrastructure remains secure.
Brain Cipher, a ransomware group that first emerged in 2024, published a post on 4 December claiming to have stolen 1TB of compressed data.
Free Webinar on Best Practices for API vulnerability & Penetration Testing: Free Registration
The group gave the firm 10 days, until December 15, to respond to the threat. In its statement, the ransomware group said, “giant companies do not always do their jobs well.” The post also said it would unveil how “the ‘elementary points’ of information security are not observed” by Deloitte.
According to SentinelOne, Brain Cipher engages in multi-pronged extortion, hosting a TOR-based data leak site.
The threat actor’s payloads are based on LockBit 3.0. In June 2024, Brain Cipher claimed responsibility for hacking into Indonesia’s Temporary National Data Center (PDNS) and disrupting the country’s services.
The ransomware gang initially demanded a ransom of $8m from PDNS but later published the decryptor for free.
Deloitte UK has strongly refuted claims of a major cybersecurity breach made by the ransomware group Brain Cipher.
While the group alleges it has stolen over one terabyte of sensitive data from the professional services giant, Deloitte has maintained that its systems remain unaffected.
The situation underscores the importance of third-party risk management and the potential impact of even unsubstantiated claims on an organization’s reputation and operations.
Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses
