Category: Breach and Disclosure

Another security breach was announced recently, this time at Deloitte. Supposedly it came through an email server and exposed confidential emails and details of clients. For one thing, if details were discovered, the breach was not contained within the email server. Most likely the attacker used the email server as a jumping-off point to gain more control and information within their systems.

There are a ton of things that can be said about this. The most important is that there was a lapse in security. Whose fault is this? Security? Management? Employees? Most likely all of them, and also the managers who held the purse strings for the security people. This is a classic situation where there was slightly less "due diligence" in protecting emails and the server(s) than there should have been.

Let's face it. Security is an ever-present, ever-persistent requirement in any and all companies, and even for home users or employees who use their personal email accounts for business. Everything is hackable, right? This is a true statement. You can lock down all of your systems to the Nth degree, but tomorrow a new vulnerability will be found, or a new technique to break something. This is just the way things are when you use computers and have Internet-facing systems. Expect to be broken into. Expect a breach. Plan for the catastrophe that may or may not ensue. If you are a business that relies heavily on the Internet, expect this.

Never give up your diligence. Never give up your dedication. Never give up learning and training. Build a lab at home or at work (with permission, that is) to test the security of various applications, programs, Internet-facing devices, etc. Never ever let your guard down.

Just one link can be found here, to an article concerning the possible email attack vector that hit Deloitte.