Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish the data it had stolen earlier this week.
However, despite the claims, a Deloitte spokesperson said that its investigation indicates that the allegations relate to a single client’s system outside the Deloitte network.
“No Deloitte systems have been impacted,” the spokesperson said. This statement assures clients and stakeholders that the firm’s internal infrastructure remains secure.
Brain Cipher, a ransomware group that first emerged in 2024, published a post on 4 December claiming to have stolen 1TB of compressed data.
The group gave the firm 10 days, until December 15, to respond to the threat. In its statement, the ransomware group said, “giant companies do not always do their jobs well.” The post also said it would unveil how “the ‘elementary points’ of information security are not observed” by Deloitte.
According to SentinelOne, Brain Cipher engages in multi-pronged extortion and hosts a Tor-based data leak site.
The threat actor’s payloads are based on LockBit 3.0. In June 2024, Brain Cipher claimed responsibility for hacking into Indonesia’s Temporary National Data Center (PDNS) and disrupting the country’s services.
The ransomware gang initially demanded a ransom of $8m from PDNS but later published the decryptor for free.
Deloitte UK has strongly refuted claims of a major cybersecurity breach made by the ransomware group Brain Cipher.
While the group alleges it has stolen over one terabyte of sensitive data from the professional services giant, Deloitte has maintained that its systems remain unaffected.
The situation underscores the importance of third-party risk management and the potential impact of even unsubstantiated claims on an organization’s reputation and operations.