Ernst and Young is a consulting company that offers tax services and other specialty services to major companies such as Bank of America. While performing its daily tasks the company gathers a significant amount of information and stores and uses it. The organization relies on special software and protective measures to protect the data, but the recent breach shows that the data is still at risk. Get details about how the Ernst and Young breach exposed Bank of America cardholders below.
Ernst and Young's employees relied on MOVEit file transfer software to protect documents while transferring them. The software suffered from a security issue that exposed all the companies working with the tool to significant data losses. Ernst and Young were impacted by this security issue as well and lost a significant amount of client data during an attack by the ransomware gang.
The breach likely occurred near the end of May or the beginning of June of 2023. This is when the breach occurred for most other companies impacted by the MOVEit file transfer breach.
More than 30,000 Bank of America cardholders were identified as potential victims of this data breach. Each of those individuals could have experienced significant data loss and may be at risk of being hit by identity theft or phishing attacks.
We don't know how many total files were involved in this Ernst and Young data breach. We do know that more than 30,000 people were impacted by the breach, and we suspect hundreds or even thousands of documents were accessed during the attack.