Ernst & Young, a global professional services firm, is notifying customers of a data breach resulting from the compromise of a third-party support ticket system used by its IT personnel. Support tickets submitted through the platform may have contained documents with client tax information, with further coverage provided by Bleeping Computer.The breach was detected on April 23 when Ernst & Young noticed anomalous activity on its networks. An investigation, aided by external cybersecurity experts, revealed that an unauthorized third party accessed the support ticket system between March 28 and April 12, downloading multiple documents. The exposed information includes personal and financial data used in tax filings, though the exact nature of the data remains unclear as specific details were not disclosed. Ernst & Young has not specified how many clients are affected or if the breach extends beyond its U.S. customer base.The company has secured its systems, notified federal law enforcement, and removed the unauthorized access. While no misuse of the stolen files is currently known, EY is offering 24 months of identity monitoring and restoration services to affected clients.Source: Bleeping Computer
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
Attack VectorYou can skip this ad in 5 seconds




