Accenture appears to have suffered a data breach, the extent of which is currently unknown.

On Monday, a threat actor going by the handle “888” posted on the cybercrime forum PwnForums, claiming to have breached the technology consulting company and stolen “just over 35gb of source codes” in July 2026.
They claim to have exfiltrated source code, RSA keys, SSH keys, Azure personal access tokens, Azure Storage access keys, and configuration files, which they are trying to sell.
The “advertisement” also included a screenshot as proof of data exfiltration from a private Azure DevOps repository hosted on an accenture.com-associated production URL.
When contacted, an Accenture media representative told Help Net Security that the company is “aware of this isolated matter” and that they have “remediated its source,” but did not provide any specifics nor confirmed data exfiltration.
They also stated that Accenture operations and service delivery was not affected.
Accenture’s past security incidents
This is not the first time that this tech consulting giant suffered a security incident that resulted in the compromise or exposure of data belonging to the company or its clients.
In 2017, a security researchers stumbled upon four unsecured AWS S3 storage buckets that contained sensitive data about Accenture Cloud Platform, its inner workings, and Accenture clients using the platform.
In August 2021, the company was targeted by attackers wielding the LockBit ransomware and threatening to release stolen data.
In June 2024, “888” tried to sell data of 32,826 current and former Accenture employees that was ostensibly compromised in a third-party breach, but the company said that the data set contained only three names and Accenture email addresses.

Subscribe to our breaking news e-mail alert to never miss out on the latest breaches, vulnerabilities and cybersecurity threats. Subscribe here!
