Accenture Confirms Security Breach: Source Code and Keys Allegedly Stolen
Global IT services giant **Accenture** has confirmed an isolated security breach after a threat actor claimed to have exfiltrated 35 GB of sensitive data, including source code and various access keys. While Accenture states no operational impact, the incident raises concerns about the potential exposure of critical internal assets.
Global professional services company **Accenture** has acknowledged a security incident following claims by a threat actor, identified as "888," of stealing 35 GB of data. The alleged theft, which reportedly occurred in July, includes critical assets such as source code, **RSA keys**, **SSH keys**, **Azure PAT** (personal access tokens), **Azure Storage** access keys, and configuration files.
"We are aware of this isolated matter, and we have remediated its source. There is no impact to Accenture operations and service delivery," an Accenture spokesperson told BleepingComputer.
### Details of the Alleged Data Theft
The threat actor, "888," posted on a cybercrime forum offering the stolen data for sale. The post explicitly claims the breach resulted in "just over 35gb of source codes getting stolen from the company."

To substantiate their claims, "888" shared a screenshot purportedly showing the cloning of an **Azure DevOps** repository named "121123_AtriasTalentAcademy," hosted under an **accenture.com** hostname. While the full scope of the stolen data remains unverified by independent sources, the types of assets mentionedβespecially various keys and tokensβare highly sensitive and could potentially be leveraged for further access.
### Accenture's Response and Past Incidents
**Accenture** has confirmed the breach but has not provided details regarding the specific amount or type of data accessed or exfiltrated, nor has it disclosed the method of attack or whether customer data was affected. The company's focus remains on the remediation of the source and asserting no impact on its operations.
This is not the first time **Accenture** has been targeted. The company previously experienced a data breach in 2021, attributed to the **LockBit** ransomware gang, which also involved the exfiltration of data from their systems. The same threat actor, "888," was also reportedly involved in a third-party breach in 2024.