Ernst & Young published cybersecurity report full of hallucinations
A recent Ernst & Young report on cybersecurity has been criticized for containing numerous inaccuracies and fake citations. The report, titled 'Points of Attack: Uncovering Cyber Threats and Fraud in Loyalty Systems,' has raised concerns about the reliability of information in consulting reports. Investigations reveal that the issue of 'vibe citing' is prevalent among major consulting firms, potentially undermining public trust in their findings.
- ▪The Ernst & Young report is filled with fake citations and misattributions.
- ▪Many URLs referenced in the report are broken or do not correspond to real sources.
- ▪The phenomenon of 'vibe citing' is becoming endemic among major consulting firms.
Opening excerpt (first ~120 words) tap to expand
InvestigationsPEACOm Ogale, Paul Esau, Alex CuiMAY 14, 2026Copy linkEarlier this year, an engineer at GPTZero coined the term “vibe citing” to describe the accidental creation of fake references via LLM hallucinations. It turns out that the friction of creating and checking citations is leading many researchers, consultants, lawyers, and public officials to embrace the vibe (if you know what we mean).Among the converts are the authors of a 2025 Ernst & Young report titled Points of Attack: Uncovering Cyber Threats and Fraud in Loyalty Systems.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Hacker News (Front Page).
Discussion
0 commentsMore from Hacker News (Front Page)
