Accenture Confirms Data Breach – Hacker Claims Theft of Internal Source Code

Accenture Confirms Data Breach – Hacker Claims Theft of Internal Source Code










IT services and consulting giant Accenture has confirmed it suffered a security breach after a threat actor claimed to have stolen 35 GB of source code and other sensitive data from the company.

A threat actor operating under the alias “888” posted a listing on the cybercrime forum PwnForums on July 6, 2026, offering the alleged Accenture data for a one-time sale, payable only in Monero (XMR); at Cybersecuritynews, we reported on this alleged claim Yesterday.

The post claimed that “In July 2026, Accenture suffered a data breach which resulted in just over 35 GB of source codes getting stolen from the company”.

According to the actor, the exfiltrated haul spans source code, RSA keys, SSH keys, Azure Personal Access Tokens (PATs), Azure Storage Access Keys, and internal configuration files.

As proof of possession, “888” posted a screenshot that appears to show a private Azure DevOps repository hosted under an accenture.com domain, along with what appears to be a “git clone” command pulling from an internal “AtriasTalentAcademy” repo listed as private with visibility restrictions.

When contacted by CybersecurityNews, Accenture confirmed the incident but declined to validate the scope or specific data types cited by the attacker. A company spokesperson stated: “We are aware of this isolated matter, and we have remediated its source.

There is no impact to Accenture operations and service delivery”. The company has not disclosed whether production source code or client-facing credentials were part of the compromised material. Security researchers note that no independent forensic analysis or leaked data sample has yet been published to verify the full scope of the claims.

This is not “888”‘s first alleged run at Accenture. In June 2024, the same actor tried to sell a dataset described as belonging to 32,826 current and former Accenture employees, claiming it stemmed from a third-party breach.

Accenture publicly disputed that claim at the time, stating its own analysis found the leaked set contained “only three names and Accenture email addresses” and no other Accenture-related information.

Separately, Accenture was hit by the LockBit ransomware gang in August 2021, when attackers claimed to have stolen over 6TB of data and demanded a $50 million ransom.

The mix of data types claimed in this latest incident is notable because Azure PATs, storage access keys, and SSH/RSA keys, if genuine and unrotated, could allow further lateral access into cloud infrastructure or code repositories beyond the initial breach point.

Source code exposure also raises concerns around potential hardcoded secrets or intellectual property leakage, though Accenture has stated there is no impact on operations or service delivery.

Stop Accepting SLAs Written for 2019 SOCs – Here’s the 2026 AI SLA Vendor ChecklistDownload Free AI SOC SLA Guide

The post Accenture Confirms Data Breach – Hacker Claims Theft of Internal Source Code appeared first on Cyber Security News.






Guru Baran





Go to cyber-security-news





by