Accenture has confirmed an Accenture breach after a threat actor claimed to have stolen 35GB of company data and offered it for sale on a cybercrime forum.

The company acknowledged the security incident and said it has already addressed the source of the breach. Accenture also stated that the incident has not affected its operations or service delivery.

Hacker Claims to Have Stolen Source Code

The threat actor, known as “888,” says the stolen data includes more than 35GB of internal files.

According to the forum post, the leak contains source code, RSA keys, SSH keys, Azure Personal Access Tokens (PATs), Azure Storage access keys, and configuration files.

To support the claim, the attacker shared a screenshot that appears to show an Azure DevOps repository hosted under an Accenture domain being cloned.

However, the full scope of the alleged breach has not been independently verified.

Accenture Confirms the Security Incident

Accenture confirmed that a security breach occurred but did not verify the attacker’s claims about the amount or type of data that may have been stolen.

The company also declined to explain how attackers gained access to its environment.

In addition, Accenture did not say whether customer information or client systems were affected by the incident.

Investigation Continues

Accenture says it has contained the source of the breach and continues to investigate the incident.

The company has not disclosed whether law enforcement or external cybersecurity firms are assisting with the investigation.

Further details may become available as the investigation progresses.

Previous Incidents Raise Concerns

This is not the first cybersecurity incident involving the company.

In 2024, the same threat actor attempted to sell Accenture employee data that allegedly originated from a third-party breach.

Accenture also suffered a high-profile ransomware attack in 2021 after the LockBit gang claimed to have stolen company data.

Stolen Credentials Could Increase Security Risks

If the attacker’s claims prove accurate, the exposed credentials could present significant cybersecurity risks.

RSA keys, SSH keys, and Azure access tokens can provide attackers with valuable information about an organization’s infrastructure. Even if the leaked credentials are no longer valid, they may help threat actors understand internal systems or support future attacks.

The Accenture breach highlights the continuing threat posed by data theft and the growing market for stolen corporate information on cybercrime forums.


0 responses to “Accenture Confirms Breach After Hacker Claims to Steal 35GB of Data”