Accenture Confirms Security Breach After Hacker Claims to Steal 35GB of Company Data

Accenture has confirmed that it recently experienced a cybersecurity incident after a threat actor claimed to have stolen more than 35GB of company data and put the alleged information up for sale on a cybercrime forum.

Accenture Confirms Security Breach | Photo Credit: AI-Generated
Accenture Confirms Security Breach | Photo Credit: AI-Generated

The global consulting and technology services group said it had identified the breach as an isolated incident, was quick to respond, and the company did not disclose in detail how the attackers gained access or whether customer information was compromised and does not intend to reveal how and which customers were affected.

The incident came to light after a hacker using the online alias “888” posted on a cybercrime marketplace claiming to have a large cache of Accenture data. The stolen files are source code, RSA encryption keys, SSH keys, Azure Personal Access Tokens (PATs), Azure Storage access keys and configuration files, the post said.

For proof of the claim, the threat actor shared what appeared to be a screenshot showing the cloning of an Azure DevOps repository associated with an Accenture domain. While the screenshot has raised concerns, the authenticity and full extent of the alleged data breach have not been independently verified.

Accenture has not commented on whether the 35GB of data was actually exfiltrated or whether the information being advertised is genuine. The company also did not provide details on the type of systems affected or whether any clients were impacted.

Accenture said that the incident had been contained.

The company said it discovered the problem, fixed it and verified that service and operations were not affected.

Although business is going on, cybersecurity experts tell us the alleged exposure of source code and sensitive access credentials might have serious security implications if the claims are true.

A leaked source code can also help attackers to gain a better understanding of how software systems are built and to identify weaknesses or vulnerabilities. Similarly, the release of encryption keys, cloud access credentials and configuration files could allow attackers to gain unauthorized access to cloud environments or launch follow-up attacks.

Depending on how recent or sensitive the exposed information is, the breach could also present risks for customers, business partners and cloud infrastructure connected to affected systems.

The latest incident is not the first time Accenture has had cybersecurity challenges.

In 2021, the LockBit ransomware group claimed to have stolen company data during a cyberattack. In 2017, security researchers discovered a cloud configuration issue which had allegedly exposed sensitive internal information. In 2024, the same threat actor claimed to possess Accenture employee data obtained through a third-party breach. Accenture denied that any such claims were exaggerated at the time.

For now, Accenture says that the latest breach has been isolated and has been fully remediated. But there are doubts around how big the data theft was, if any customer information was compromised, and what more investigations might be conducted in the coming days.

Latest News