teiss – News – Accenture confirms security breach as hacker claims theft of 35 GB of source code | #cybercrime | #infosec


Accenture has confirmed that it experienced a security breach after a hacker claimed to have stolen 35 gigabytes of source code and other internal data from the company and put it up for sale on a cybercrime forum.

A threat actor using the alias “888” posted the listing on July 6, 2026, stating that the breach occurred in July 2026 and resulted in just over 35 gigabytes of source code taken from the company. The actor described the stolen material as including source code, RSA keys, SSH keys, Azure personal access tokens, Azure storage access keys, and configuration files.

Accenture, a global professional services company that provides consulting, technology, cloud, engineering, and managed services to businesses and governments worldwide, acknowledged the incident but did not confirm the scope or specific categories of data the hacker claims to have taken. In a statement to BleepingComputer, the company said it was aware of “this isolated matter” and had “remediated its source,” adding that there was no impact to its operations or service delivery. Accenture did not disclose how the intrusion occurred or whether client data was affected.

To back the claim, “888” published a screenshot appearing to show command-line activity tied to Azure DevOps, including what looked like a request against a “dev.azure.com” address followed by a git clone operation. The captured output referenced a repository named “121123_AtriasTalentAcademy,” which the actor said was hosted under a redacted accenture.com production address, along with project metadata, visibility settings, and remote repository URLs. The sample also showed a partial clone in progress, pulling in several thousand objects at a rate of tens of megabytes per second, which the actor presented as evidence of live access to a private repository.

The listing was framed as a one-time sale, with payment to be accepted only in Monero, a privacy-oriented cryptocurrency often used on cybercrime forums to obscure transactions. No price for the data has been made public.

The scope and authenticity of the claimed data have not been independently verified, and security researchers have advised treating the specific data types and volume as unconfirmed pending forensic evidence or a leaked sample.

This is not the first time “888” has targeted Accenture. The same actor previously attempted to sell Accenture employee data tied to a third-party breach in 2024. Accenture also suffered a separate breach in 2021, when the LockBit ransomware group stole data from its systems.



Click Here For The Original Source.

——————————————————–

..........

.

.

National Cyber Security

FREE
VIEW