Accenture, one of the world’s largest IT consulting and services companies, has confirmed it suffered a data breach, after a hacker began offering stolen company data for sale online. This report is based
on details first reported by BleepingComputer.
What happened
In July, a threat actor going by the name “888” claimed to have stolen roughly 35GB of data from Accenture. Shortly after, the hacker began advertising this data for sale on a cybercrime forum.
The forum post itself was fairly blunt about it. “Today I am selling the Accenture Data Breach, thanks for reading and enjoy!,” the post read, before adding more detail. “In July 2026, Accenture suffered a data breach which resulted in just over 35gb of source codes getting stolen from the company.”
According to the threat actor’s own claims, the stolen data includes source code, RSA keys, SSH keys, Azure personal access tokens, Azure Storage access keys, and various configuration files. If accurate, that combination of data could potentially give attackers meaningful access to internal systems, though this hasn’t been independently confirmed.
How the breach came to light
To back up their claims, the threat actor shared a screenshot appearing to show them cloning an Azure DevOps repository named “121123_AtriasTalentAcademy”, which was reportedly hosted under a redacted accenture.com hostname. This screenshot is what gave the claim some initial credibility, though BleepingComputer, which first reported on the incident, said it could not independently verify the full scope of the data actually stolen.
What Accenture has said
When approached for comment, Accenture confirmed that a breach had indeed occurred, though the company kept its response fairly brief. “We are aware of this isolated matter, and we have remediated its source. There is no impact to Accenture operations and service delivery,” the company told BleepingComputer.
Notably, Accenture did not comment on the threat actor’s specific claims regarding how much data was taken or exactly what type of information was accessed or exfiltrated. The company also hasn’t disclosed how the attackers managed to gain access in the first place, or whether any customer data was involved in the breach.
This isn’t the first time Accenture has dealt with this
This incident isn’t happening in isolation either. The same threat actor, “888”, had previously attempted to sell Accenture employee data following a separate third-party breach back in 2024.
Accenture has also dealt with a more serious security incident in the past. Back in 2021, the company suffered a data breach after the LockBit ransomware gang stole data from its systems, an incident that made headlines at the time given Accenture’s scale and the sensitivity of the data it typically handles for clients.
A lot remains unconfirmed at this stage. Accenture hasn’t detailed the actual scale of the breach, the exact nature of the data involved, or how the attacker initially got in.
For now, what’s confirmed is fairly narrow. A breach did happen, Accenture says it has addressed the source of it, and the company maintains there’s been no impact to its operations or service delivery. Everything beyond that, including the true scale of what was taken, remains based on the threat actor’s own unverified claims.
This report is based on original reporting by BleepingComputer, which first covered this story.









