Global consulting firm Deloitte has publicly addressed recent allegations by the ransomware group Brain Cipher, which claims to have stolen over one terabyte of compressed data from the company’s ecosystem.
Threat Actor’s Bold Claims
Brain Cipher, a relatively new but aggressive ransomware collective, posted its claims on a Tor-based website last week. The group has threatened to release stolen files within five days unless a ransom is paid, escalating the potential cybersecurity risk for Deloitte.
Deloitte’s Immediate Response
In a statement to SecurityWeek, a Deloitte spokesperson provided crucial context about the alleged breach. “We are aware of the claims by the threat actor,” the representative said. “Our investigation indicates that the allegations relate to a single client’s system outside the Deloitte network. No Deloitte systems have been impacted.”
Profile of Brain Cipher
Brain Cipher emerged in April 2024 but gained significant attention in June after a devastating attack on an Indonesian data center. The group has since targeted dozens of organizations across critical sectors, including healthcare, education, and manufacturing.
Sophisticated Cyber Tactics
The ransomware collective employs file-encrypting malware based on the LockBit platform, which allows it to encrypt critical data and exfiltrate sensitive information. Cybersecurity researchers have noted potential connections between Brain Cipher and other ransomware groups such as SenSayQ and EstateRansomware.
This incident marks the second time in recent months that Deloitte has had to address hacking claims. In September, another hacker known as IntelBroker claimed to have stolen sensitive data, though Deloitte maintained that the impact was limited.





