On August 9, 2023, the Washington State Office of the Attorney General reported a data breach affecting Ernst & Young LLP (EY US). The breach occurred from May 27, 2023, to May 31, 2023, involving a third-party service vulnerability in Progress Software’s MOVEit Transfer solution. The breach affected 1,129 Washington residents, compromising personal data including names, Social Security numbers, and financial information.
TPRM report: https://www.rankiteo.com/company/ernstandyoung
"id": "ern447072725",
"linkid": "ernstandyoung",
"type": "Breach",
"date": "5/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 1129,
'industry': 'Professional Services',
'name': 'Ernst & Young LLP (EY US)',
'type': 'Company'}],
'attack_vector': 'Third-party service vulnerability',
'data_breach': {'number_of_records_exposed': 1129,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'Social Security numbers',
'financial information']},
'date_detected': '2023-08-09',
'date_publicly_disclosed': '2023-08-09',
'description': 'A data breach affecting Ernst & Young LLP (EY US) occurred '
'from May 27, 2023, to May 31, 2023, involving a third-party '
'service vulnerability in Progress Software’s MOVEit Transfer '
'solution.',
'impact': {'data_compromised': ['names',
'Social Security numbers',
'financial information']},
'references': [{'date_accessed': '2023-08-09',
'source': 'Washington State Office of the Attorney General'}],
'title': 'Data Breach at Ernst & Young LLP (EY US)',
'type': 'Data Breach',
'vulnerability_exploited': 'Progress Software’s MOVEit Transfer solution'}