There will be a pretty high amount of embarrassing material here if this gets dumped.<p>Senior leaders at large companies tend to use firms like Deloitte for their most controversial and sensitive potential projects, ideas, etc. And they confide with them with a lot of candor.<p>I would not be surprised to see unabashed discussion of tax evasion, for example. Or leaders within a single company using Deloitte to undermine their peers. Or debates of the merits of layoffs designed to be age discriminatory.<p>Basically, there would a much higher percentage of "good stuff" in a dump of these emails than say, in the Sony dump.
From Deloitte web site :<p>In the face of so many questions, one thing is clear: Current approaches to managing cyber risk, many of which are focused on “securing the perimeter,” aren’t enough.<p>( <a href="https://www2.deloitte.com/me/en/pages/risk/articles/changing-the-game-on-cyber-risk0.html" rel="nofollow">https://www2.deloitte.com/me/en/pages/risk/articles/changing...</a> )
No s/mime, no pgp, so the hackers get everything nice and neat in plaintext. Not sure why we think email encryption is optional nowadays, especially for sensitive communications.
As the companies grow they try to build a fence rather than educate people. Many a times asking people to setup a complex password is problematic. While you can enforce it on a company wide system, people will still revert back to default/easy passwords on internal systems. There are frequently cases of Active Directory passwords being very demanding but the internal DB passwords being abc123.
I have always wondered why hackers don't target some of these major corporations more often. Imagine the emails that could come from a hack of Apple, Monsanto, or Wells Fargo.