Bleepingcomputer
Ernst & Young Reports Data Breach from Third-Party Support System Hack
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Ernst & Young (EY) has disclosed a data breach resulting from unauthorized access to a third-party support ticket system used by its IT staff. The breach occurred between March 28 and April 12, 2026, during which an unauthorized party downloaded documents containing client tax information. EY began investigating after detecting anomalous activity on April 23, 2026. The company has not disclosed the number of affected clients or whether the breach impacts only U.S. customers. EY has offered affected clients 24 months of identity monitoring services through Experian. The breach notification was filed with the California Attorney General's office on July 15, 2026. As of now, there is no indication of misuse of the stolen data, and no group has claimed responsibility for the attack.
Key Points: • Ernst & Young experienced a data breach involving client tax information. • The breach was due to unauthorized access to a third-party support ticket system. • EY is providing 24 months of identity monitoring services to affected clients.