Ernst & Young (EY) has sacked a graduate employee who allegedly accessed the personal bank account of Australian Prime Minister Anthony Albanese, according to reports. The incident, which occurred in June 2026, has prompted an internal investigation and raised serious questions about data security protocols at the professional services firm.
Details of the Breach
The graduate, who was employed in EY's financial services division, is accused of using company systems to view the Prime Minister's bank account details without authorization. The breach was discovered during a routine security audit, and EY immediately launched an investigation. The employee's employment was terminated following the findings.
According to a source familiar with the matter, the graduate accessed the account information on multiple occasions over a two-week period. The motive remains unclear, but unauthorized access to sensitive financial data is a serious breach of privacy and company policy.
EY's Response
An EY spokesperson confirmed the termination, stating, "We take the security and confidentiality of our clients' data extremely seriously. Upon discovering this breach, we acted swiftly to investigate and terminate the individual involved. We are cooperating fully with relevant authorities." The firm has also implemented additional security measures to prevent future incidents.
Government Reaction
The Australian government has expressed concern over the breach. A spokesperson for Prime Minister Albanese said, "The Prime Minister's office has been notified and is taking the matter seriously. We are working with EY and law enforcement to ensure appropriate action is taken." The incident has sparked discussions about the security of personal data held by third-party contractors.
Broader Implications
The breach highlights the risks associated with outsourcing financial and data management to large consulting firms. With access to sensitive information of high-profile individuals, companies like EY must maintain stringent security protocols. This incident could lead to calls for tighter regulations and oversight of data access by private firms.
Industry experts note that while such breaches are rare, they can have significant consequences. "This is a wake-up call for all firms handling sensitive data," said cybersecurity analyst Dr. Sarah Chen. "It underscores the need for robust access controls and continuous monitoring."
Legal Consequences
The former employee could face legal action under Australia's privacy laws. Unauthorized access to personal information carries penalties including fines and imprisonment. The Australian Federal Police have been notified and are assessing whether to launch a criminal investigation.
EY has offered support to the Prime Minister's office and assured that steps are being taken to prevent recurrence. The firm is also reviewing its hiring and training procedures to ensure all employees understand the importance of data confidentiality.
