Data poisoning is spreading: EY's 44-page cybersecurity report exposed, 16 out of 27 citations were fabricated by AI

AI detection company GPTZero has exposed a 44-page cybersecurity report from the Canadian branch of EY, revealing that 16 out of 27 citations were AI hallucinations (fabricated or invalid), and approximately 72% of the entire report was AI-generated text. (Previous coverage: Missouri officially sues CoinFlip: Crypto ATMs become tools for fraud and money laundering, seeking up to $1.826 million in damages) (Background: Canada plans to ban crypto ATMs: 4,000 machines, a first among G7 nations, with FINTRAC data defining the policy logic) An investigation found that the 44-page white paper titled "Points of Attack: Uncovering Cyber Threats and Fraud in Loyalty Systems," released by EY Canada in late 2025, contained significant flaws. AI monitoring company GPTZero publicly disclosed in mid-May that they had verified the 27 citations one by one, finding that 16 were hallucinations, exceeding 70%. The report lacked academic footnotes, instead using in-text citations and attaching a "Resource Table" on pages 41 to 43, listing source titles, descriptions, URLs, and occasionally publishers and dates. The problem lies in this table: almost all URLs were either invalid or non-existent, and more than half of the source titles did not match any real publications. Approximately 72% of the text in the report was determined to be AI-generated. The most direct issue with the report is a set of contradictory figures that could hardly have been written by the same person. The executive summary claims the "global loyalty points market size is $200 billion," while noting that 30% to 50% of points are never used. However, page 10 of the report states that "$200 billion" is the total value of "unredeemed points." If 50% of points are unredeemed and their value is already $200 billion, the global market size must be at least $400 billion; the figures on the two pages contradict each other. More critically, both figures were accompanied by citations: one fake Forbes and one fake McKinsey. GPTZero traced the "McKinsey & Company: Loyalty Economics Report (2022)" and found that this file does not exist. Looking back six months, they found almost identical sentences in a Financial IT blog post, which also cited this fake McKinsey report as a source. In other words, someone first fabricated an academic citation on a low-traffic blog, and the EY report later "laundered" it into a publication from a Big Four firm. This is what is known as citation chain pollution. GPTZero engineers coined a term for this phenomenon: "vibe citing." Simply put, researchers or consultants are too lazy to check real sources and instead let AI generate the references, resulting in a pile of entries that look like citations but are entirely fabricated. This is the first in a series of investigations by GPTZero. In recent months, they have built an automated pipeline to systematically scan public reports from large consulting firms. Preliminary results show that vibe citing has reached epidemic levels, with even industry leaders falling victim. GPTZero calls the greatest harm of this report "data poisoning." Simply put, uploading files containing false information to the internet is equivalent to injecting toxins into the shared knowledge pool, misleading future researchers and policymakers. EY Canada provides millions of dollars in audit and consulting services to the Canadian government annually. When the publisher is an institution of this caliber and the file is hosted on a high-traffic official website, the toxins spread faster and the loss of trust is harder to repair. This report has already caused ripples in Australian media: a Canberra Times article citing this report was reprinted in over 60 newspapers across Australia. GPTZero's tests show that Claude, ChatGPT, and Perplexity, when asked questions like "average detection time for loyalty program fraud," have all cited this hallucination-filled EY report. AI "deep research" tools use different signals than humans when selecting sources and rely more heavily on brand halo effects, making them more vulnerable to this type of data poisoning. GPTZero's hallucination detection tool is currently used by top academic conferences such as IJCAI, ICLR, and ICSE to screen paper submissions. Previously, GPTZero has also investigated government documents, two Deloitte reports, and papers from the NeurIPS and ICLR conferences. After the investigation report was released, EY Canada removed the white paper from its official website and issued a statement: "EY Canada takes the accuracy of everything we publish seriously and has an organization-wide commitment to the responsible use of AI. We are reviewing why this report was published." A top global firm built on rigorous auditing handed over its brand credibility to a language model that was too lazy to check its own citations, using an AI-generated white