The EY employees, who joined the firm in March, were on secondment to the country’s largest lender Commonwealth Bank of Australia at the time of the breach, the people said, declining to be named because the events haven’t been made public. They were later fired by EY, the people said.
EY declined to comment. According to the Australian Financial Review, which first reported the firings on Tuesday, the graduates also accessed the account of at least one EY partner before CBA found out about the breach and alerted the consulting firm.
ALSO READ: Meta’s Own AI Helped Hackers Steal Instagram Accounts Before Emergency Patch
The Australian Federal Police said it had charged two men, aged 21 and 25, with accessing restricted personal banking data belonging to a federal parliamentarian. They are due in court in Sydney on Tuesday.
The report follows years of tumult at Australia’s biggest consulting and accounting firms over the commercial exploitation of privileged information.
Last week, KPMG Australia said Chair Martin Sheppard would leave following whistleblower allegations the firm used confidential client information to help win business. Three years ago, PwC was rocked – and ultimately broken up in Australia – by revelations it leaked confidential government information to corporate clients.
A spokesman for CBA said it’s not appropriate for the bank to comment on individual contractor matters. The prime minister’s office is aware of the incident but declined to comment, according to the AFR.
The AFR report said EY trains its staff on how to handle confidential data, warning employees that bank accounts should never be accessed out of curiosity alone.
