Accountancy and consulting firm Deloitte has become the latest big-name organisation to be cracked by hackers in an attack that has exposed its entire email system - and the attack could be down to lax practices by the company, leaving an Active Directory server with RDP ports open and exposed on the internet.
The first reports came via The Guardian, and come just a week after credit-reference agency Equifax suffered a massive data breach, exposing the personal information of 143 million US citizens.
The reports suggest that hackers were able to break into Deloitte's systems using an unsecured administrator's account, giving them full access to the company's five million cloud-hosted emails.
Hackers are said to have accessed confidential emails and plans of Deloitte's blue-chip clients, along with usernames, passwords, IP addresses, architectural diagrams for businesses and health information.
Deloitte first learned of the breach in March, according to the Guardian, but its systems could have been vulnerable since October 2016.
The company confirmed to the Guardian that it had been the victim of "a cyber incident", but claimed that only a small amount of clients have so far been told their accounts were affected by the hack.
According to the report, six of Deloitte's clients - which include some of the world's biggest banks, multinational companies, media enterprises, pharmaceutical firms and government agencies - have been notified.
"In response to a cyber incident, Deloitte implemented its comprehensive security protocol and began an intensive and thorough review including mobilising a team of cybersecurity and confidentiality experts inside and outside of Deloitte," a Deloitte spokesperson said.
"As part of the review, Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators.
"The review has enabled us to understand what information was at risk and what the hacker actually did, and demonstrated that no disruption has occurred to client businesses, to Deloitte's ability to continue to serve clients, or to consumers.
"We remain deeply committed to ensuring that our cybersecurity defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cybersecurity. We will continue to evaluate this matter and take additional steps as required."
It is not yet known who is responsible for the attack, with The Guardian noting that the firm has yet to establish whether a lone wolf, business rivals or state-sponsored hackers were to blame.
Much of today's AI is narrowly focused on specific tasks - a far cry from the general AI envisioned by the early pioneers
US space agency believes the crater could have preserved ancient organic molecules from the water that flowed there billions of years ago
Valve quietly closes down hardware initiatives launched following Windows 8
Scientists create a virtual reality simulation of a black hole sitting at the centre of the Milky Way
Simulations like this can help people understand complicated systems in the universe in a better way