Tag: data breach

  • Accenture Acknowledges Security Incident After Hacker Alleges Theft of 35GB of Internal Data

    Accenture Acknowledges Security Incident After Hacker Alleges Theft of 35GB of Internal Data

    Accenture has confirmed that it recently experienced a cybersecurity incident after a hacker claimed to have stolen 35GB of company data. The attacker allegedly offered the data for sale on a cybercrime forum. While the company admitted a breach occurred, it stated the issue was limited and already resolved, with no disruption to its services or business operations.

    The incident came to light following a report from BleepingComputer, which was subsequently picked up by multiple technology news outlets. According to those reports, a hacker using the alias “888” claimed to have accessed a large volume of internal Accenture data in July 2026.

    Hacker Claims Stolen Data Includes Sensitive Credentials

    The hacker alleged that the stolen files include source code, RSA keys, SSH keys, Azure Personal Access Tokens, Azure Storage access keys, and configuration files. These components are critical to a company’s software and cloud infrastructure. If active keys or tokens are compromised, attackers could potentially gain unauthorized access to internal systems. Security experts caution that the claim has not yet been independently verified.

    To support the claim, the hacker shared a screenshot appearing to show an Azure DevOps project associated with an Accenture domain, including a repository named “121123_AtriasTalentAcademy.” While the screenshot makes the claim more credible, no independent verification of the full 35GB dataset has been conducted.

    Accenture’s Response

    Accenture confirmed the security incident and stated that it quickly remediated the source of the breach. The company emphasized that there has been no impact on its operations or service delivery. It did not disclose how the attacker gained entry, nor did it confirm the exact volume of data stolen or whether any customer information was affected.

    This breach underscores that even a rapid response cannot eliminate all risks. If source code or cloud access credentials fall into the wrong hands, attackers may use them to study systems and identify vulnerabilities. Companies typically rotate passwords, keys, and tokens after such incidents to mitigate future threats.

    Accenture has faced cyberattacks before. In 2021, it was hit by a LockBit ransomware attack that drew global attention. In 2024, the same hacker known as “888” claimed to have accessed Accenture employee data following a separate third-party breach. These incidents highlight that large technology and consulting firms remain prime targets for cybercriminals.

    Unanswered Questions

    Several details remain unclear. No independent investigation has confirmed the hacker’s claim regarding the 35GB dataset. Accenture has not disclosed the specific files involved or the attack vector. At this stage, the company has only confirmed that a breach occurred, the issue has been fixed, and services continue without disruption. The rest of the claims rely on the hacker’s assertions.