diff --git a/src/main/java/org/dependencytrack/tasks/BomUploadProcessingTask.java b/src/main/java/org/dependencytrack/tasks/BomUploadProcessingTask.java
index 300ed4371c..179790f8ec 100644
--- a/src/main/java/org/dependencytrack/tasks/BomUploadProcessingTask.java
+++ b/src/main/java/org/dependencytrack/tasks/BomUploadProcessingTask.java
@@ -675,7 +675,13 @@ private static Predicate distinctServicesByIdentity(
 final var identitiesSeen = new HashSet();
 return service -> {
 final var componentIdentity = new ComponentIdentity(service);
- identitiesByBomRef.putIfAbsent(service.getBomRef(), componentIdentity);
+ final boolean isBomRefUnique = identitiesByBomRef.putIfAbsent(service.getBomRef(), componentIdentity) == null;
+ if (!isBomRefUnique) {
+ LOGGER.warn("""
+ BOM ref %s is associated with multiple services in the BOM; \
+ BOM refs are required to be unique; Please report this to the vendor \
+ of the tool that generated the BOM""".formatted(service.getBomRef()));
+ }
 bomRefsByIdentity.put(componentIdentity, service.getBomRef());
 final boolean isSeenBefore = !identitiesSeen.add(componentIdentity);
 if (LOGGER.isDebugEnabled() && isSeenBefore) {
@@ -715,7 +721,7 @@ private String resolveDirectDependenciesJson(
 LOGGER.warn("""
 Unable to resolve BOM ref %s to a component identity while processing direct \
 dependencies of BOM ref %s; As a result, the dependency graph will likely be incomplete\
- """.formatted(dependencyBomRef, directDependencyBomRef));
+ """.formatted(directDependencyBomRef, dependencyBomRef));
 }
 }
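Review bot: The new warning in distinctServicesByIdentity formats `service.getBomRef()` straight into the log message, and that value is read from the uploaded BOM, so whoever produced the BOM controls it. Depending on how the log encoder is configured (not visible here), a ref containing line breaks could split or forge log entries, and a BOM that repeats one ref many times emits one WARN per repeat. I would neutralise control characters before formatting, e.g. `final String safeBomRef = String.valueOf(service.getBomRef()).replaceAll("\\p{Cntrl}", "_");`, and consider warning only once per duplicated ref. The same raw interpolation of `directDependencyBomRef` and `dependencyBomRef` is in the warn of the second hunk (resolveDirectDependenciesJson). Both functions start and end outside their hunks.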