2 min read

Ernst & Young Reveals Breach of Support System

Ernst & Young says hackers accessed a third-party support system and downloaded documents that may have contained client tax data.

Image: BleepingComputer

Ernst & Young (EY) is notifying customers about a data breach involving a third-party support ticket system used by its IT staff. Support tickets submitted through the platform may have included documents containing client tax information.

EY is one of the world’s four largest auditing and professional services providers, offering auditing, tax, consulting, and transaction advisory services in more than 150 countries. The company employs 406,000 people and reported global revenue of $53.2 billion last year.

According to a notification sent to affected clients, EY detected anomalous activity on its networks on April 23 and began an investigation. With help from external cybersecurity experts, the company determined that an unauthorized third party had accessed the support platform between March 28 and April 12 and downloaded multiple documents.

The exposed information included certain personal and financial data contained in, or used to prepare, tax filings. However, the notification sample contains a placeholder for the specific data types, leaving the precise information exposed unclear. EY has also not disclosed how many customers were affected or whether the incident extends beyond its U.S. customer base.

Recommended reading

Florida man charged over Steam game crypto malware

EY says it secured its systems, removed the unauthorized access, and notified federal law enforcement. The company says it is unaware of any misuse or further exposure of the stolen files and has found no indication that specific individuals were targeted.

Affected clients are being offered 24 months of identity monitoring and restoration services through Experian. EY is urging recipients to enroll by October 31, 2026.

No data-extortion or ransomware group had claimed responsibility for the attack at the time of publication. BleepingComputer said it contacted EY for additional information but had not received a response.

Article image
Article image
Sophia Reynolds

Security Editor

Sophia unpacks the invisible wars happening on our networks. Covering cybersecurity, privacy legislation, and cryptography, she exposes how our data is weaponized and defended. Before joining for(geeks), she spent years as a penetration tester. She's the reason the rest of the team uses physical security keys.

via BleepingComputer

/ Keep reading