Accenture confirms security breach after data-sale claim surfaces online

Accenture has confirmed it experienced a security incident after a threat actor began advertising what they claimed was stolen company data for sale on a cybercrime forum.The attacker, using the name...

Accenture has confirmed it experienced a security incident after a threat actor began advertising what they claimed was stolen company data for sale on a cybercrime forum.

The attacker, using the name “888,” said they obtained about 35 GB of material in a July breach and described the contents as source code and related technical files. According to the forum post, the alleged haul also includes RSA keys, SSH keys, Azure personal access tokens, Azure storage credentials, and configuration data.

In a statement to BleepingComputer, Accenture said it had identified and remediated the source of the incident. The company added that the event appears to be isolated and that there was no impact on its operations or service delivery.

What the attacker claimed

To back up the sale, the threat actor posted a screenshot that appears to show an Azure DevOps repository being cloned from an Accenture-associated environment. The repository name visible in the image was “121123_AtriasTalentAcademy,” though the publication noted it could not independently verify the full extent of the data involved.

Accenture has not said how the intrusion occurred, whether the stolen material included customer information, or whether any personal data was affected. The company also has not confirmed the specific type or volume of files the attacker claims to have taken.

History of prior incidents

  • The same threat actor previously tried to sell employee data tied to Accenture after a third-party breach in 2024.
  • Accenture was also affected by a 2021 incident in which the LockBit ransomware gang claimed to have stolen data from its systems.

Accenture is a multinational professional services company that provides consulting, cloud, technology, engineering, and managed services to organizations and governments around the world.

BleepingComputer said it has asked the company for additional details and will update its reporting if more information becomes available.