Ernst & Young Discloses Data Breach After Support System Hack
Ernst & Young is notifying customers of a data breach caused by the compromise of a third-party support ticket system used by its IT personnel. The breach may have exposed client tax information.
Intelligence analysis by Llama

Ernst & Young has disclosed a data breach after a third-party support system hack. The breach may have exposed client tax information, but the company has not shared exactly how many customers were affected.
Imagine you have a big company that helps other companies with their taxes and finances. Someone hacked into a system that helps the company's IT team fix problems, and they might have gotten some sensitive information about the company's clients. The company is trying to fix the problem and help its clients protect themselves.
Analysis
A $60B Vote of Confidence
Ernst & Young (EY) is among the world’s four largest auditing and professional services providers, offering auditing, tax, consulting, and transaction advisory services to major organizations in more than 150 countries. The company employs 406,000 people and reported a global revenue of $53.2 billion last year. The breach notification to affected clients states that Ernst & Young detected anomalous activity on its networks on April 23 and initiated an investigation. With help from external cybersecurity experts, the company determined that an unauthorized third party had accessed the said platform between March 28 and April 12 and downloaded multiple documents.
Why Cursor?
The affected information included certain personal and financial data contained in or used to prepare tax filings. Since the notification sample features a placeholder for the specific data types, the type of the information exposed remains unclear. Also, the company has not shared exactly how many customers were affected or whether the incident impacts only its U.S. customer base or other countries as well.
The Road Ahead
Ernst & Young says it secured its systems and notified federal law enforcement authorities, while it has assured that the unauthorized access has been removed. The company also states that it is not aware of any misuse or further exposure of the stolen files and has no indication that particular individuals were targeted by the threat actors. To mitigate the risks arising from this exposure, EY offers affected clients 24 months of identity monitoring and restoration service through Experian and urges letter recipients to enroll by October 31, 2026.
Key points
- Ernst & Young has disclosed a data breach caused by the compromise of a third-party support ticket system.
- The breach may have exposed client tax information, but the company has not shared exactly how many customers were affected.
- Ernst & Young has secured its systems and notified federal law enforcement authorities.
- The company is offering affected clients 24 months of identity monitoring and restoration service through Experian.
Ernst & Young's swift action to secure its systems and notify affected clients may help mitigate the risks associated with the data breach. The company's offer of 24 months of identity monitoring and restoration service through Experian may also provide affected clients with additional protection.
The data breach at Ernst & Young may have exposed sensitive client information, which could lead to identity theft or other forms of financial fraud. The company's failure to share exactly how many customers were affected or whether the incident impacts only its U.S. customer base or other countries as well may also raise concerns about the scope of the breach.



