Threat Actor Claims Theft of 35 GB of Source Code from Accenture

A threat actor claims to have stolen 35 GB of data including source code and credentials from Accenture, but the company says the incident is isolated and remediated.

CSBadmin
2 Min Read

Alleged Breach Details

A threat actor who goes by the alias “888” has listed data for sale on a cybercrime forum, claiming it was stolen from Accenture. The actor alleges the stolen material totals roughly 35 GB and includes source code, RSA keys, SSH keys, Azure Personal Access Tokens (PATs), Azure Storage Access Keys, and configuration files. The listing was posted on July 6, 2026, and the actor claims the breach occurred earlier in the same month.

Evidence and Response

To support the claim, the actor shared a sample screenshot that appears to show command-line output from Azure DevOps, including a curl request and a git clone operation against a private repository. The sample references a repository named “121123_AtriasTalentAcademy” hosted under a redacted Accenture production URL. Accenture has confirmed a breach but has not verified the specific data types or volume claimed. The company stated, “We are aware of this isolated matter, and we have remediated its source. There is no impact to Accenture operations and service delivery.” The actor is asking for payment in Monero (XMR), with no price publicly disclosed. Security teams are advised to treat the claims as unconfirmed until further evidence surfaces, though organizations using Azure DevOps should review PAT rotation policies and audit repository access logs as a precaution.

Source: Cyber Security News

CSBadmin

The latest in cybersecurity news and updates.

Share This Article
Follow:
The latest in cybersecurity news and updates.