EY Canada removed a cybersecurity report after an investigation found it contained AI-generated fabrications, including non-existent sources and inaccurate claims.
A cybersecurity report published by EY Canada has been removed from the firm's website after an investigation found that large sections of it were generated using AI and contained fabricated citations and inaccurate claims.
The report, titled "Points of Attack: Uncovering Cyber Threats and Fraud in Loyalty Systems", was released in late 2025 and examined cyber risks linked to loyalty rewards programmes.
However, AI-detection company GPTZero said its investigation found the 44-page document was "stuffed with hallucinations", including dozens of references to sources that either did not exist or could not be verified.
According to GPTZero, 16 of the report's 27 cited sources were either fabricated, misattributed or linked to broken web pages. References attributed to publications including Forbes, McKinsey & Company, Gartner, TechCrunch and WIRED reportedly led to missing pages or articles that never existed.
The report had been credited to three EY Canada employees, including two partners and a senior manager.
In a blog post outlining its investigation, GPTZero said the EY Canada report relied on in-text references and a resources table rather than conventional footnotes or academic citations.
"This table provides a source title, description, and URL for all sources, as well as the...
Schubert Jonckheer & Kolbe LLP advises Humana Inc. (NYSE: HUM) investors that the firm is investigating potential legal claims arising from alleged false and misleading statements about the co...