Accenture has confirmed a security breach involving unauthorized access to company data, following claims by a threat actor that 35 GB of source code and internal files were stolen. The IT services giant stated that the incident was “isolated” and has been remediated, with no reported impact on its global operations or service delivery, according to a report by BleepingComputer.
How did the security incident occur?
The breach came to light after a threat actor, identified as “888,” began offering the allegedly stolen data for sale on a cybercrime forum. The actor claimed the data was exfiltrated in July 2026. While Accenture acknowledged the security event, the company has not provided details regarding the specific entry point, the method of access, or whether customer data was compromised during the intrusion.
Accenture is a global professional services firm. It provides cloud, technology, and managed services to both private businesses and government agencies, making its internal infrastructure a high-value target for cybercriminals.
What data was allegedly compromised?
According to the threat actor, the exfiltrated 35 GB of data includes sensitive technical assets such as source code, RSA keys, SSH keys, Azure Storage access keys, and Azure Personal Access Tokens (PAT). The actor posted a screenshot purportedly showing the cloning of an Azure DevOps repository named “121123_AtriasTalentAcademy” under an internal Accenture hostname. BleepingComputer noted that it could not independently verify the full scope or authenticity of the stolen material.
How does this compare to past incidents?
This is not the first time Accenture’s internal data has been targeted. In 2024, the same threat actor attempted to sell employee data following a third-party breach. Furthermore, in 2021, the company faced a significant security incident when the LockBit ransomware gang successfully exfiltrated data from its systems. By contrast, while the 2021 incident involved a ransomware group, the current situation involves a threat actor attempting to monetize stolen source code and access keys through a public forum.
Pro Tip: Protecting DevOps Environments
Frequently Asked Questions
Did the Accenture breach affect customer data?
Accenture has stated that there is no impact to its operations or service delivery. However, the company has not specifically disclosed whether customer-related information was included in the 35 GB of stolen data.
Has the source of the breach been fixed?
Yes. Accenture informed BleepingComputer that it is aware of the “isolated matter” and has already remediated the source of the unauthorized access.
How can organizations verify if they are at risk?
Have you implemented automated credential rotation for your cloud environments? Share your thoughts in the comments below or subscribe to our weekly security newsletter for the latest updates on enterprise data protection.
