Ernst & Young Data Breach Exposes Client Tax Information

Ernst & Young Data Breach Exposes Client Tax Information

First seen 17 Jul 2026, 21:52 UTC BleepingcomputerCybersecuritynewsClassactionFeeds.FeedburnerSecurityaffairs.Co 84% similarity 57.6

Article Content

Browse articles
ThreatCluster

Ernst & Young (EY) has disclosed a data breach affecting client tax information due to a compromise of a third-party support ticket system. The breach was detected on April 23, 2026, after anomalous activity was observed. Unauthorized access occurred between March 28 and April 12, 2026, allowing attackers to download documents containing personal and financial data. While the exact number of affected clients remains undisclosed, EY has initiated notifications and secured its systems. The firm is offering 24 months of identity monitoring services to those impacted. No misuse of the stolen data has been reported, and the company has notified federal law enforcement. The breach highlights vulnerabilities in third-party systems used for client support.

Key Points: • Ernst & Young's data breach involved unauthorized access to a third-party support system. • The breach potentially exposed personal and financial information of clients from March 28 to April 12, 2026. • EY is offering 24 months of identity monitoring services to affected clients.

ThreatCluster AI

Timeline

2026-03-28
Unauthorized access period begins
An unauthorized third party accessed EY's support ticket system, downloading sensitive documents.
Bleepingcomputer
2026-04-12
Unauthorized access period ends
The unauthorized access to the support ticket system concluded, having exposed client data.
Bleepingcomputer
2026-04-23
Anomalous activity detected
Ernst & Young noticed unusual activity on its networks, prompting an investigation.
Bleepingcomputer
2026-07-15
Breach notification filed
EY filed breach notifications with the California Attorney General's office regarding the incident.
Cybersecuritynews
2026-07-17
Public disclosure of breach
Ernst & Young publicly disclosed the breach and began notifying affected clients.
Classaction

Community

Browse all →