Bleepingcomputer
Ernst & Young Data Breach Exposes Client Tax Information
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Ernst & Young (EY) has disclosed a data breach affecting client tax information due to a compromise of a third-party support ticket system. The breach was detected on April 23, 2026, after anomalous activity was observed. Unauthorized access occurred between March 28 and April 12, 2026, allowing attackers to download documents containing personal and financial data. While the exact number of affected clients remains undisclosed, EY has initiated notifications and secured its systems. The firm is offering 24 months of identity monitoring services to those impacted. No misuse of the stolen data has been reported, and the company has notified federal law enforcement. The breach highlights vulnerabilities in third-party systems used for client support.
Key Points: • Ernst & Young's data breach involved unauthorized access to a third-party support system. • The breach potentially exposed personal and financial information of clients from March 28 to April 12, 2026. • EY is offering 24 months of identity monitoring services to affected clients.