Global consulting and IT services firm Accenture has confirmed a cybersecurity incident after a threat actor advertised what were claimed to be stolen company data for sale on an underground hacking forum.
In a statement provided to tech publication BleepingComputer, Accenture said it is aware of the incident, describing it as an isolated case that has already been remediated. The company added that neither its business operations nor customer service delivery had been affected.
Accenture did not disclose the scope of the allegedly stolen data or confirm whether any customer information was involved. The company also declined to comment on how the attackers gained access to its systems.
Attacker’s Claims
A forum user operating under the alias “888” published a post describing the alleged breach. According to the threat actor, approximately 35 GB of Accenture data were copied in July 2026. The data allegedly include source code, RSA and SSH keys, personal Microsoft Azure access tokens, Azure Storage access keys, and various configuration files.
To support the claims, the user shared a screenshot that purportedly shows the cloning of an Azure DevOps repository named “121123_AtriasTalentAcademy.” The associated hostname under the accenture.com domain was redacted in the image. According to BleepingComputer, it was not possible to independently verify the authenticity or full extent of the allegedly stolen data.
(lb)