Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1933+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. News
  3. Ernst & Young Discloses Data Breach After Third-Party IT Support System Hacked
Ernst & Young Discloses Data Breach After Third-Party IT Support System Hacked
NEWS

Ernst & Young Discloses Data Breach After Third-Party IT Support System Hacked

Ernst & Young is notifying customers of a data breach stemming from the compromise of a third-party support ticket system used by its IT personnel, highlighting the continued risk posed by vendor and supply chain attacks on major enterprises.

Dylan H.

News Desk

July 17, 2026
4 min read

Overview

Ernst & Young (EY), one of the Big Four global professional services and accounting firms, has disclosed a data breach affecting customer data. The breach originated not in EY's core enterprise systems, but in a third-party support ticket platform used by EY IT personnel to manage technical support requests.

EY is actively notifying affected customers, though the firm has not yet publicly disclosed the full scope of the breach — including the number of individuals affected or the specific categories of data exposed.

What Happened

According to reporting by BleepingComputer, attackers compromised a support ticket system operated by a third-party vendor and used by EY's internal IT support team. Support ticket systems often contain a significant volume of sensitive information, including:

  • Internal user account details and employee identifiers
  • Customer names and contact information submitted in support requests
  • System configuration details, error logs, and internal documentation
  • Potentially sensitive business context shared during IT support interactions

The compromise of this type of platform — rather than a core financial or client data system — illustrates the evolving nature of supply chain attacks: adversaries increasingly target the peripheral tools and vendors that large organizations rely on for day-to-day operations, rather than attempting to breach hardened core systems directly.

Why Third-Party Breaches Are So Dangerous

Third-party and vendor breaches have become one of the most common initial access vectors in major enterprise compromises. Key reasons include:

  • Lower security posture: Third-party SaaS vendors and support platforms often have less mature security programs than the large enterprises they serve
  • High data concentration: Tools like ticketing systems, HR platforms, and CRM solutions aggregate sensitive data from across an organization
  • Blind spots in vendor risk management: Many organizations do not apply the same rigor to assessing the security of auxiliary vendors as they do to core systems

EY joins a growing list of enterprises that have suffered breaches through vendor software rather than direct network intrusion — a pattern seen in incidents involving MOVEit, Okta, and numerous other third-party platforms over the past several years.

Impact and Response

EY has begun notifying affected customers in accordance with applicable data breach notification regulations. The firm has not publicly confirmed which countries' regulations are implicated, but given EY's global operations across 150+ countries, multiple jurisdictions' breach notification timelines and requirements likely apply.

At time of publication:

  • The breach scope (number of individuals, data types) has not been fully disclosed
  • The identity of the third-party vendor involved has not been confirmed publicly
  • EY has not indicated whether the breach involved ransomware or data exfiltration for financial extortion

What Affected Individuals Should Do

If you have had IT support interactions with Ernst & Young or received a breach notification:

  1. Watch for phishing: Stolen support ticket data is frequently used to craft targeted phishing emails that reference real support issues or EY business context
  2. Change relevant passwords: If any credentials were shared or discussed in support tickets, rotate them immediately
  3. Monitor financial accounts: If any financial or account information was involved in support interactions, monitor for unauthorized activity
  4. Verify communications: Be skeptical of any EY-branded emails or calls referencing the breach — confirm through official EY contact channels before taking action

Broader Implications

The EY breach is a reminder that even the world's most sophisticated professional services firms — which routinely advise clients on cybersecurity risk and compliance — are not immune to third-party supply chain attacks. The security of an organization is only as strong as the weakest link in its vendor ecosystem.

For organizations evaluating their own third-party risk posture, this incident underscores the importance of:

  • Vendor security assessments that go beyond questionnaires to include technical controls validation
  • Least-privilege access — vendors should only have access to the minimum data required to deliver their service
  • Data minimization in support and ticketing systems — not everything needs to be documented
  • Continuous monitoring of third-party integrations and access patterns

References

  • BleepingComputer — Ernst and Young discloses data breach after support system hack
#Data Breach#Ernst and Young#EY#Third-Party Risk#Supply Chain#BleepingComputer

Related Articles

Video Service Vimeo Confirms Anodot Breach Exposed User Data

Vimeo has confirmed that customer and user data was accessed without authorization following a security breach at Anodot, a data anomaly detection...

6 min read

More Klue Breach Victims Identified as Hackers Get Hacked

Roughly two dozen companies have notified their customers of impact from the Klue-Salesforce breach incident — a cascade that now includes the hackers...

5 min read

Nintendo Confirms Employee Data Stolen in TinyPulse Cyberattack by Shadowbyt3$

Nintendo of America has confirmed that approximately 1GB of employee data — including W-9 forms, bank statements, and HR survey responses — was...

5 min read
Back to all News