Breach Confirmed After Leak on Crime Forum
Accenture, the multinational professional services company, has acknowledged a security incident after a threat actor using the alias ‘888’ began advertising stolen corporate data on a cybercrime forum. The attacker claims to have extracted over 35 gigabytes of source code and other sensitive files from the company’s systems in July 2026. In a statement to media, Accenture described the event as an isolated matter that has been addressed, adding that core operations and client services remain unaffected.
The forum listing included a screenshot purporting to show the attacker cloning an internal Accenture Azure DevOps repository. The data allegedly contains source code, cryptographic keys, SSH keys, Azure personal access tokens, storage access keys, and configuration files. BleepingComputer was unable to independently verify the full extent of the claimed theft, and Accenture has not detailed the method of intrusion or whether any client information was compromised.
Repeated History of Data Incidents
The 2026 breach is not the first time Accenture has faced a significant data exposure. The same actor, ‘888’, previously attempted to sell what they described as Accenture employee records obtained through a third party compromise in 2024. Additionally, in 2021, the company was targeted by the LockBit ransomware operation, which succeeded in exfiltrating data from its environment. The recurrence of such incidents underscores ongoing challenges in securing large, complex corporate networks that manage sensitive information for government and enterprise clients worldwide.
Source: BleepingComputer
