Cybertech Europe 2026-IT Industry Official Media Partner
Subscribe

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
Contact us

Ernst & Young reveals data breach after support system breach

Ernst & Young visualizes a data breach after a third-party support system is compromised, focusing on cybersecurity and global digital networks. Ernst & Young visualizes a data breach after a third-party support system is compromised, focusing on cybersecurity and global digital networks.
Cyberattack against Ernst & Young may have exposed sensitive client data, showing how third-party risks continue to threaten global businesses.

Ernst & Young reveals data breach after cyberattack after a third-party support ticketing system used by the company's IT staff was compromised. According to the company, support tickets may have contained documents with sensitive personal data and tax-related customer information.

According to EY, support cases submitted via the platform may have contained documents with sensitive customer information, including tax-related information.

EY is one of the world's four largest audit and consulting firms and offers audit, tax, advisory and transaction services to organizations in over 150 countries. The company has around 406,000 employees and reported global sales of $53.2 billion during the last fiscal year.

  • VORTIQ-X AI Governance helps companies transform AI into controllable and verifiable business value.
    VORTIQ-X is an AI Governance platform that helps organizations govern, verify, and create measurable business value from AI. The platform focuses on transparency, compliance, AI governance, and the effective use of AI in mission-critical processes.
    ADVERTISEMENT

  • Maciek Szczesniak featured on IT-Branschen Wire Channel Magic Chats podcast banner
    Maciek Szczesniak appears on IT-Branschen Wire Channel Magic Chats, discussing leadership, innovation, digital transformation, and business services.
    SPONSORED

  • The IT industry Nordic technology media platform covering cybersecurity, cloud, AI, digital transformation, channel, MSP and enterprise IT news
    The IT industry is a leading Nordic technology media platform covering cybersecurity news, artificial intelligence, cloud computing, enterprise IT, digital transformation, managed services, channel partners, software development, telecommunications, data centers, IT infrastructure, technology leadership, business innovation, and emerging technologies. Through executive interviews, industry analysis, event coverage, thought leadership, product launches, vendor updates, and market insights, the IT industry connects technology decision-makers, CIOs, CISOs, CTOs, IT managers, MSPs, resellers, distributors, technology vendors, startups, and enterprise organizations across Sweden, Norway, Denmark, Finland, and Europe. Coverage includes cybersecurity trends, AI adoption, cloud strategy, enterprise software, networking, digital infrastructure, sustainability, compliance, governance, risk management, automation, data analytics, and future technology developments.
    OWN CONTENT

  • Cybertech Europe 2026 cybersecurity conference in Rome with the IT industry as Official Media Partner
    Cybertech Europe 2026 is one of Europe's leading cybersecurity conferences, bringing together cybersecurity leaders, government officials, technology innovators, startups, investors, and enterprise decision-makers in Rome. The IT industry serves as an Official Media Partner, providing event coverage, executive interviews, industry insights, and cybersecurity news for Nordic and European audiences.
    ADVERTISEMENT

In the message to affected clients, EY states that the company discovered suspicious activity on its networks on April 23 and immediately launched an internal investigation.

With the support of external cybersecurity experts, EY that an unauthorized actor had access to the relevant support system between March 28 and April 12. During this period, a number of documents were downloaded from the platform.

The exposed information includes: according to EY, certain personal and financial data that was included in, or used to prepare, tax returns. However, the company has not specified exactly which data types were affected, making the scope of the exposed information unclear.

EY has also not stated how many clients have been affected or whether the incident only affects the US operations or also clients in other countries.

According to the company, the systems have now been secured and the unauthorized access has been stopped. The incident has also been reported to federal law enforcement agencies in the United States.

EY further states that there are currently no indications that the stolen information has been misused or disseminated. The company also says it sees no signs that individuals were specifically targeted for the attack.

As a precautionary measure, EY is offering affected clients 24 months of identity monitoring and recovery services through Experian. Clients who have been notified of the incident are encouraged to register by October 31, 2026.

At the time of publication, no ransomware or data extortion group has claimed responsibility for the attack on Ernst & Young.

The incident shows how even global companies like Ernst & Young can be affected when third-party providers are compromised. At the same time, the incident highlights the importance of protecting support platforms and sensitive customer data against increasingly sophisticated cyber threats.

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
  • The IT industry Nordic technology media platform covering cybersecurity, cloud, AI, digital transformation, channel, MSP and enterprise IT news
    The IT industry is a leading Nordic technology media platform covering cybersecurity news, artificial intelligence, cloud computing, enterprise IT, digital transformation, managed services, channel partners, software development, telecommunications, data centers, IT infrastructure, technology leadership, business innovation, and emerging technologies. Through executive interviews, industry analysis, event coverage, thought leadership, product launches, vendor updates, and market insights, the IT industry connects technology decision-makers, CIOs, CISOs, CTOs, IT managers, MSPs, resellers, distributors, technology vendors, startups, and enterprise organizations across Sweden, Norway, Denmark, Finland, and Europe. Coverage includes cybersecurity trends, AI adoption, cloud strategy, enterprise software, networking, digital infrastructure, sustainability, compliance, governance, risk management, automation, data analytics, and future technology developments.
    OWN CONTENT

  • Cybertech Europe 2026 cybersecurity conference in Rome with the IT industry as Official Media Partner
    Cybertech Europe 2026 is one of Europe's leading cybersecurity conferences, bringing together cybersecurity leaders, government officials, technology innovators, startups, investors, and enterprise decision-makers in Rome. The IT industry serves as an Official Media Partner, providing event coverage, executive interviews, industry insights, and cybersecurity news for Nordic and European audiences.
    ADVERTISEMENT

  • VORTIQ-X AI Governance helps companies transform AI into controllable and verifiable business value.
    VORTIQ-X is an AI Governance platform that helps organizations govern, verify, and create measurable business value from AI. The platform focuses on transparency, compliance, AI governance, and the effective use of AI in mission-critical processes.
    ADVERTISEMENT

  • Maciek Szczesniak featured on IT-Branschen Wire Channel Magic Chats podcast banner
    Maciek Szczesniak appears on IT-Branschen Wire Channel Magic Chats, discussing leadership, innovation, digital transformation, and business services.
    SPONSORED