Accenture Confirms Data Breach After Hacker Claims Theft of 35GB Internal Data

Accenture said it quickly contained the cybersecurity incident and found no disruption to its services. Security experts warned that exposed source code, RSA keys, SSH keys, and cloud access tokens could increase future cyber risks if verified.
Accenture Confirms Data Breach After Hacker Claims Theft of 35GB Internal Data
Written By:
Simran Mishra
Reviewed By:
Manisha Sharma
Published on
Updated on

Accenture has confirmed that it recently faced a cybersecurity incident after a hacker claimed to have stolen 35GB of company data. The attacker later put the alleged data up for sale on a cybercrime forum. Although the company admitted that a breach had happened, it assured the issue was limited and had already been fixed. Accenture also said that its services and business operations continue to run normally.

The case first became public after a report from BleepingComputer. Soon after, several technology news websites reported the same incident. According to those reports, a hacker using the name "888" claimed to have stolen a large amount of internal Accenture data in July 2026.

Hacker Claims Stolen Company Data

The hacker stated that the stolen files include source code, RSA keys, SSH keys, Azure Personal Access Tokens, Azure Storage access keys, and configuration files. These files are important parts of a company's software and cloud systems. If someone gets access to active keys or tokens, they may try to enter company systems without permission. Security experts say there is no proof yet that all the claimed files were actually stolen.

To support the claim, the hacker shared a screenshot that appeared to show an Azure DevOps project linked to an Accenture domain. The screenshot included a repository called "121123_AtriasTalentAcademy." The image made the claim look more believable, although independent researchers have not confirmed that the full 35GB of data was taken.

Accenture Responds to the Incident

Accenture later confirmed that a security incident had taken place. The company said it quickly fixed the source of the problem and found no impact on its operations or service delivery. It did not say how the attacker entered its systems. The company also did not confirm the amount of data involved or whether any customer information was affected.

This breach shows that even a quick response cannot remove every risk. If source code or cloud access details fall into the wrong hands, attackers may use them to study company systems and identify weak points. Companies often change passwords, keys, and access tokens after such incidents to reduce future risks.

Accenture has faced cyber attacks before. In 2021, the company was hit by a LockBit ransomware attack that drew global attention. In 2024, the same hacker known as "888" also claimed to have access to Accenture employee data after a separate third-party breach. These incidents show that large technology and consulting companies continue to attract cybercriminals.

What is Still Unknown

Several facts remain unclear. No independent investigation has confirmed the hacker's claim about the 35GB dataset. Accenture has not shared details about the exact files involved or how the attack happened. 

At this stage, the company has confirmed only that a breach occurred, the issue has been fixed, and its services continue without disruption. The rest of the claims still depend on information shared by the hacker.

Also Read: Indian IT Stocks Crash 29%; Accenture Trades at $250.10

Join our WhatsApp Channel to get the latest news, exclusives and videos on WhatsApp
logo
Analytics Insight: Top Tech & Crypto Publication | Latest AI, Tech, Crypto News
www.analyticsinsight.net