Limited distribution: Ernst & Young (2TB)
Files from the Canadian firm EY Law released by the cl0p ransomware group
Two terabytes of internal files from a Toronto branch of the multinational firm Ernst & Young (EY). Ernst & Young primarily provides accounting, tax, consulting and advisory services. The branch impacted by this hack appear to be EY Law in Toronto, Canada.
EY filed a breach notification with the office of the Maine attorney general and sent a notice to customers impacted saying:
We write on behalf of EY Law regarding a security incident involving a third-party service provider. On May 31, 2023, we were informed by our third-party supplier, Progress Software, of a security vulnerability involving the supplier’s MOVEit Transfer solution.
The ransomware group behind this hack, Cl0p, announced a list of clients of EY included in the breach, like Air Canada and TD Bank. Cl0p published the EY Law dataset on their dark net blog, and via torrents.
We have archived the files under our ransomware category in the archive.
Due to widespread presence of PII such as identification documents, the data is only being made available to journalists and researchers. Researchers and journalists can open a ticket in our request system to access data from the limited distribution collections.
Distributed Denial of Secrets is a 501c3 registered non-profit. Your donations help us to continue to publish.