Accenture Confirms Data Breach After Hacker Claims 35GB Theft
Accenture, a leading global IT services provider, has acknowledged an isolated data breach following claims by a hacker known as “888” to be selling 35GB of stolen source code and credentials. The company stated it has remediated the incident with no impact on operations or service delivery.
On July 6, the threat actor “888” posted on a cybercrime forum, offering the stolen data for sale. The haul reportedly included source code, RSA and SSH keys, Azure Personal Access Tokens (PAT), Azure storage access keys, and configuration files. A sample of the data was provided as proof. Screenshots shared with cybersecurity organizations showed the attacker cloning an Azure DevOps repository.
Accenture did not disclose details about the breach, including the nature of the compromised data (whether internal or customer-related), how it was accessed, or the timeline of the incident. This is not the first time the company has faced such threats earlier in 2024, the same hacker attempted to sell Accenture employee data linked to a third-party breach.
While the company maintains that the breach was contained, the incident underscores ongoing risks to enterprise security, particularly involving source code and access credentials. No further operational disruptions have been reported.
Accenture cybersecurity rating report: https://www.rankiteo.com/company/accenture
"id": "ACC1783556620",
"linkid": "accenture",
"type": "Breach",
"date": "7/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Information Technology and Services',
'location': 'Global',
'name': 'Accenture',
'type': 'IT Services Provider'}],
'data_breach': {'data_exfiltration': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Source code',
'RSA keys',
'SSH keys',
'Azure Personal Access Tokens '
'(PAT)',
'Azure storage access keys',
'Configuration files']},
'date_publicly_disclosed': '2024-07-06',
'description': 'Accenture confirmed an isolated data breach following claims '
"by a hacker known as '888' to be selling 35GB of stolen "
'source code and credentials. The company stated it has '
'remediated the incident with no impact on operations or '
'service delivery.',
'impact': {'data_compromised': '35GB of stolen data',
'operational_impact': 'No impact on operations or service '
'delivery'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
'motivation': 'Financial Gain',
'references': [{'source': "Cybercrime forum post by '888'"}],
'response': {'containment_measures': 'Remediated the incident'},
'threat_actor': '888',
'title': 'Accenture Data Breach After Hacker Claims 35GB Theft',
'type': 'Data Breach'}