The consulting firm Deloitte was hit with a cyberattack that may have revealed the emails of its government and corporate clients, The Guardian reported Monday.
Deloitte uncovered the hack in March, but hackers may have had access to the company’s systems as far back as October.
The attack is among a series of hacks against major organizations in the past few months, with breaches hitting the Securities and Exchange Commission and credit agency.
The hackers appeared to breach the email servers by using an “administrative account,” which may have had broad access to the company’s emails, the publication said.
In addition to emails, hackers may have accessed usernames, passwords, IP addresses and health information.
In an emailed statement, Deloitte confirmed it was hacked, but said “only very few clients were impacted” and “no disruption” to client businesses occurred.
The company added that it went through a “comprehensive security protocol” and thoroughly reviewed the hack. It also contacted authorities immediately after it found out about the incident and contacted each of the clients affected.