EY Employees Charged After Allegedly Accessing Australian PM’s Banking Details
Two Ernst & Young (EY) employees on temporary assignment at the Commonwealth Bank of Australia (CBA) have been charged with unauthorized access to the personal banking details of Australian Prime Minister Anthony Albanese. The incident, reported by the Australian Financial Review on Tuesday, has raised serious concerns about data privacy and security within financial institutions.
The employees, who were also accused of accessing the banking records of at least one EY partner, were dismissed by the firm following the allegations. EY declined to comment on the matter, while a CBA spokesperson stated it would be inappropriate to discuss individual contractor cases.
The Australian Federal Police charged two Sydney men in connection with the breach, highlighting vulnerabilities in data protection protocols. The case adds to growing scrutiny of the Big Four accounting firms over their handling of sensitive information. Neither Albanese’s office nor EY has provided further public statements.
Ernst & Young TPRM report: https://www.rankiteo.com/company/ernstandyoung
Commonwealth Bank of Australia TPRM report: https://www.rankiteo.com/company/commonwealthbank
"id": "erncom1782793723",
"linkid": "ernstandyoung, commonwealthbank",
"type": "Breach",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Australian Prime Minister '
'Anthony Albanese, at least one '
'EY partner',
'industry': 'Banking',
'location': 'Australia',
'name': 'Commonwealth Bank of Australia (CBA)',
'type': 'Financial Institution'}],
'attack_vector': 'Insider Threat',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personal banking details'},
'description': 'Two Ernst & Young (EY) employees on temporary assignment at '
'the Commonwealth Bank of Australia (CBA) have been charged '
'with unauthorized access to the personal banking details of '
'Australian Prime Minister Anthony Albanese. The employees '
'were also accused of accessing the banking records of at '
'least one EY partner and were dismissed by the firm following '
'the allegations.',
'impact': {'brand_reputation_impact': 'High',
'data_compromised': 'Personal banking details',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential',
'payment_information_risk': 'High',
'systems_affected': 'Commonwealth Bank of Australia (CBA) banking '
'systems'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'root_causes': 'Insufficient access controls and '
'oversight'},
'references': [{'source': 'Australian Financial Review'}],
'regulatory_compliance': {'legal_actions': 'Charges filed by Australian '
'Federal Police',
'regulations_violated': 'Data privacy regulations'},
'response': {'containment_measures': 'Employees dismissed',
'law_enforcement_notified': 'Australian Federal Police'},
'threat_actor': 'EY Employees',
'title': 'EY Employees Charged After Allegedly Accessing Australian PM’s '
'Banking Details',
'type': 'Unauthorized Access',
'vulnerability_exploited': 'Insufficient access controls'}