EY Canada removes loyalty-program cyber report that GPTZero tied to AI prose and fake citations
The withdrawn PDF, **Points of Attack: Uncovering Cyber Threats and Fraud in Loyalty Systems**, had been used to illustrate cyber risk in rewards schemes; a **14 May 2026** GPTZero investigation alleged widespread non-existent sources, broken URLs, and contradictory market-size math—after which EY took the file offline and said it was reviewing how it was published.
EY Canada has removed from its public site a 44-page thought-leadership PDF on loyalty-programme cyber risk—Points of Attack: Uncovering Cyber Threats and Fraud in Loyalty Systems—after an outside investigation argued the document could not survive basic citation hygiene and that automated scans showed a high share of machine-generated prose. In a 14 May 2026 publication, researchers at GPTZero walked line-by-line through the report’s resources table (they locate it around pages 41–43), asserting that many listed URLs 404, that several titles do not map to real publisher articles, and that at least one McKinsey & Company item described as a 2022 “Loyalty Economics” report does not exist as cited. Mainstream technology desks—including The Indian Express—subsequently reported that EY had retracted the study and was “reviewing the circumstances that led to this article’s publication,” while clarifying the piece was not tied to a client engagement.
News accounts quote EY Canada as saying the firm “takes the accuracy of all the content we publish seriously” and maintains “an organisation-wide commitment to the responsible use of AI.” This desk treats GPTZero’s file as an allegation packet, not a court finding: what is already observable, independent of the startup’s models, is that a Big Four branded PDF that cannot be replicated from its own footnotes becomes a reputational liability the moment journalists or rivals try to open the links.
What GPTZero’s investigation emphasises
GPTZero’s authors—Om Ogale, Paul Esau, and Alex Cui—frame the failure mode as “vibe citing,” their term for references that look like diligence but collapse when URLs and publisher catalogues are checked. In the EY case study they publish, they highlight rows that point to BleepingComputer, Wired, Gartner, Forbes, Cisco Talos, TechCrunch, and McKinsey addresses that either do not resolve to the described story, resolve to generic tag pages, or describe documents GPTZero says cannot be matched to any real catalogue entry. They also flag internal tension in headline numbers: an executive-summary line that treats $200 billion as the scale of the global loyalty-points market versus later language they read as repurposing the same $200 billion magnitude for unredeemed points—arithmetic they argue becomes incompatible with the report’s own earlier 30–50% “unused points” band.
Separately, GPTZero traces a McKinsey-labelled row to a chain they say begins with an obscure fintech blog that already listed the same non-existent McKinsey title—evidence, in their telling, of citation laundering across sites with very different trust anchors.
Why loyalty fraud was a plausible marketing wrapper
Rewards databases sit on PII, payment tokens, and partner APIs—natural cyber sales hooks for a Canadian consumer and retail practice. Thought-leadership PDFs in that lane are meant to tee up conversations with retailers, banks, and airlines; the withdrawn file sat squarely in that go-to-market pattern before it became a case study in verification instead.
For CISOs and general counsel, the operational lesson is narrower than “never use models”: reference tables generated or edited with LLMs need the same independent URL-opening discipline that audit teams already apply to junior Excel files—because regulators, plaintiffs’ firms, and reporters now apply it for them.
Institutional stakes beyond one PDF
GPTZero explicitly connects the episode to AI search and deep-research tools that ingest high-authority domains into downstream answers. If a fabricated table survives on a trusted host, machine summarisation can amplify it even after human specialists have moved on. That is why removal plus a root-cause review matters more than a quiet 404: broken trust scales with crawl frequency.
Other professional-services miscitation cases—Deloitte work for a Canadian provincial government cited in the same news cycle, and U.S. court filings with botched statute citations—are not legally identical, but they share a workflow warning: generative drafting without reference-grade QA converts brand equity into debate club material.
What a fair reader should watch next
Credible closure would include a written methodology addendum if EY reissues the topic, named accountability for publication controls, and a transparent retention policy for any client decks that recycled the withdrawn figures. Until then, treat any lingering third-party slides or syndicated newspaper lines that still cite the PDF as stale, and re-verify every URL before reuse.