Breach

Ernst & Young data breach exposes client tax information

(Adobe Stock)

Ernst & Young, a global professional services firm, is notifying customers of a data breach resulting from the compromise of a third-party support ticket system used by its IT personnel. Support tickets submitted through the platform may have contained documents with client tax information, with further coverage provided by Bleeping Computer.

The breach was detected on April 23 when Ernst & Young noticed anomalous activity on its networks. An investigation, aided by external cybersecurity experts, revealed that an unauthorized third party accessed the support ticket system between March 28 and April 12, downloading multiple documents. The exposed information includes personal and financial data used in tax filings, though the exact nature of the data remains unclear as specific details were not disclosed. Ernst & Young has not specified how many clients are affected or if the breach extends beyond its U.S. customer base.

The company has secured its systems, notified federal law enforcement, and removed the unauthorized access. While no misuse of the stolen files is currently known, EY is offering 24 months of identity monitoring and restoration services to affected clients.

Source: Bleeping Computer

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Attack Vector

You can skip this ad in 5 seconds