Accenture Confirms Data Breach After Hacker Claims Source Code Theft

Professional services giant Accenture confirmed a data breach after a hacker claimed the theft of internal source code from the company.

The incident came to light this week, when a threat actor boasted on the hacker forum PwnForums about compromising Accenture and stealing 35 gigabytes of data.

According to the hacker, the information, including Azure access keys and tokens, configuration files, RSA and SSH keys, and source code, was exfiltrated from Accenture earlier this month.

The threat actor, who was trying to sell the allegedly stolen data, posted as proof-of-possession a screenshot depicting a private Azure DevOps repository apparently hosted on an accenture.com domain.

Responding to a SecurityWeek inquiry, Accenture confirmed the attack, but refrained from providing additional details on the matter.

“We are aware of this isolated matter, and we have remediated its source. There is no impact to Accenture operations and service delivery,” an Accenture spokesperson said.

Advertisement. Scroll to continue reading.

It is unclear how the data was exfiltrated, whether any personal information was compromised, and how the hacker gained access to Accenture’s environment.

According to Corsica Technologies CISO Ross Filipek, the incident raises concerns because the allegedly stolen data could be used as a playbook for future attacks, based on code vulnerabilities, credentials, and infrastructure information that threat actors can extract.

“Accenture is a familiar target because of where it sits in the business ecosystem. Large consulting and services firms often sit close to the systems that help major companies run, from cloud environments and identity tools to codebases and transformation projects,” Filipek said.

“That doesn’t mean every incident creates direct client risk, but it explains why attackers keep looking for a foothold. One successful compromise can offer clues about how enterprise systems are built, how teams authenticate, and where trusted connections exist,” he added.

Accenture, which recently announced it was taking a majority stake in Dragos, last year confirmed that a former employee was charged over concealing security issues in her employer’s cloud products that were non-compliant with US government requirements.

Related: Medtronic Data Breach Impacts 3.8 Million People

Related: Aflac Japan Data Breach Impacts 4.38 Million

Related: Nissan Employee Data Breached in Oracle PeopleSoft Hack

Related: Canadian Electricity Provider London Hydro Discloses Data Breach