EY cyber report retracted after AI citation errors
EY pulled a cybersecurity report after GPTZero found more than 70 per cent of its 27 citations were AI-generated, invented or misattributed.

EY Canada has withdrawn a cybersecurity report on loyalty programme safeguards after researchers found that much of its citation base was generated by AI rather than drawn from verifiable sources. Information Age reported the retraction after GPTZero published an investigation into the 44-page paper. It was the kind of finding that turns a routine consulting document into a governance headache for any firm shipping security analysis under its own brand.
GPTZero said more than 70 per cent of the report’s 27 citations were AI-generated, invented or incorrectly referenced. Some studies simply did not exist. Others were real papers misattributed to the wrong authors or propping up statistics absent from the original. In cyber advisory work, those references carry weight: clients feed risk claims into fraud controls, programme reviews and board briefings. The sourcing is not decorative.
GPTZero’s researchers wrote that the paper’s troubles ran deeper than a slip in the footnotes.
“Not only does the text scan as AI-generated, it’s riddled with common LLM errors like fake statistics, misattributions and internal contradictions.”
— GPTZero researchers
Source notes and numerical claims alike were affected, they said, which made the episode awkward to dismiss as an editing mistake or one broken reference.
EY pulled the paper after questions surfaced. In a statement quoted by Information Age, the firm cited its standards around AI use and accuracy.
“EY Canada takes the accuracy of all the content we publish seriously, and we have an organisation-wide commitment to the responsible use of AI.”
— EY Canada spokesperson, Information Age
The article said EY Canada partner Anastasia Lou Regen was listed as a contributor to the report while it was still live. A separate Australian Financial Review account also reported that EY withdrew the study after researchers identified AI hallucinations in its sourcing.
The paper was framed as guidance on loyalty programme safeguards and cyber threats — the sort of document where a reference list is more than window dressing. Reports like this borrow authority from external studies routinely. Consultancies lean on them to benchmark attack trends or justify spending on controls. When the reference trail snaps, the reader cannot tell which claims came from real research and which were machine filler.
How fast consultancy cyber reports move inside large organisations is part of the problem. Security teams and boards use them to frame spending decisions, shape vendor conversations and structure internal control reviews. If the evidence underneath does not hold, what starts as an editorial failure ends up distorting how risk is discussed and where money goes.
For security leaders, this is not the failure mode most governance frameworks anticipate. AI policies inside consultancies tend to focus on model access, confidentiality and prompt hygiene. The EY case points to a simpler control that matters just as much: checking every source line by line before publication. A firm can have an AI policy on paper and still miss the point if nobody verifies the reference list.
None of this suggests every AI tool used in cyber work is unreliable. What it shows is simpler: a published report carried invented or misattributed citations through whatever review sat between draft generation and client release. That is a validation gap, not a model problem. If a firm uses machine assistance in research, someone still has to trace each citation back to a real paper, dataset or named source before the document goes out.
For boards and CISOs, the EY retraction is a reminder that AI governance in security runs wider than policy documents. It rests on source checking and sign-off discipline. When those checks fail inside a high-trust document, the reputational hit is immediate — and the rest of the report becomes hard to defend even where parts of the underlying analysis may have been sound.
Reza Khalil
Cybersecurity reporter covering breaches, threat intel, and the ACSC beat. Former incident responder. Reports from Canberra.


