The Circuitry
THE CIRCUITRYYour one-stop source for all tech news
HOMETODAYNEWSFEEDEVENTS
BOOKMARKS
RSS
© 2026 The Circuitry
About UsSourcesContactCorrectionsPrivacy
  • Today
  • Feed
  • Events
  • Saved
Scroll for more
Verification
VERIFIEDConfidence: HIGH
Source identified
Claims cross-referenced
No discrepancies found
Fact-check summary

BleepingComputer reports Accenture confirming awareness of an isolated breach after hacker '888' offered ~35 GB of source code and credentials; Escudo Digital, TechNadu, and Dark Web accounts also covered the July 2026 forum listing.

1 caveat
  • ▲Full scope of data and breach method unverified by independent sources; Accenture declined further details on customer impact.
Sourcing
1source

via BleepingComputer

BleepingComputer · track record
61Stories
100%Verified
3730d
All sources →
Home/Tech/Accenture confirms breach after hacker offers 35 GB of stolen data
VERIFIEDBy Xavier Rivera· ·1.5 min read

Accenture confirms breach after hacker offers 35 GB of stolen data

Accenture has confirmed a security breach after a threat actor known as "888" offered approximately 35 GB of allegedly stolen source code and credentials for sale. The incident marks the latest in a string of breaches for the global IT services provider.

Source:BleepingComputer
Post
Accenture confirms breach after hacker offers 35 GB of stolen data
TL;DRAI · 60 sec read

Accenture confirms a breach after hacker 888 lists 35 GB of stolen source code, RSA keys, SSH keys, and Azure tokens for sale on a forum. The firm states it has fixed the source and sees no operational impact. This follows earlier incidents, including a 2021 LockBit ransomware intrusion and a 2024 third-party data leak.

IT services giant Accenture has confirmed a security breach after a threat actor known as "888" began selling what was reportedly 35 GB of source code and additional material taken from the company.

Accenture acknowledges the incident and states remediation is complete. "We are aware of this isolated matter, and we have remediated its source. There is no impact to Accenture operations and service delivery," the company told BleepingComputer.
BleepingComputer could not independently verify the full scope of the data stolen.

The threat actor lists specific types of data for sale on a cybercrime forum. In the July 2026 post, the actor wrote, "Today I am selling the Accenture Data Breach, thanks for reading and enjoy!" The seller alleged the intrusion produced "just over 35gb of source codes" along with RSA keys, SSH keys, Azure personal access tokens, Azure Storage access keys, and configuration files.
https://x.com/DarkWebInformer/status/1803558395137368216

The seller also posted a screenshot that appears to depict cloning an Azure DevOps repository called "121123_AtriasTalentAcademy" under a redacted accenture.com address. BleepingComputer could not independently verify the full scope of the data stolen.
From The CircuitryThe Feed — live briefs across tech, all day.See what’s happening →

Accenture withholds details on breach method and potential customer impact. The firm offered no comment on the claimed volume or categories of information accessed or exfiltrated. It likewise declined to reveal how the attackers gained entry or whether any customer data was involved.
It likewise declined to reveal how the attackers gained entry or whether any customer data was involved.

This is the latest in a series of prior Accenture security incidents. The same individual had earlier tried to sell employee information obtained through a 2024 third-party breach. Accenture also experienced an intrusion in 2021 when the LockBit ransomware operation extracted data from its network.
BleepingComputer has asked Accenture further questions about the breach.

EXPERT TAKE

Accenture's limited disclosure on access method and customer data exposure highlights ongoing challenges in enterprise breach transparency.

Why this mattersAI · ~100 words

Tap a lens to see what this story means for you.

Reader-supported
DonateBuy me a coffee →Follow@thecircuitry_ →Follow@thecircuitry.to →

Reader-supported · Daily Brief

Daily brief at 7 AM ET. Top tech stories, every morning. Sourced and fact-checked.

HELP US IMPROVE
From The Circuitry

See what’s happening right now

The Feed runs all day — short, verified briefs the moment they break.

Open the Feed →
From The Circuitry

Follow @thecircuitry_

Every story we publish, as it happens. No noise between.

Follow on X ↗On Bluesky ↗

Reader-supported

The Circuitry is a passion project I've always wanted to build, and I love the work behind it.

Running it costs real money. APIs, hosting, time. To keep improving the site and growing this into something useful for everyone, those costs have to be covered.

Any contribution is appreciated. If not, no pressure. Thanks for reading.

Buy me a coffee
breachcybersecurityAccenture
More fromBleepingComputer
  • CISA tells federal agencies to fix actively exploited Langflow IDOR flaw by Friday

    Tech · 53m
  • KDDI breach hits email platform used by five Japanese ISPs

    Tech · 1h
  • Attackers exploit max-severity Adobe ColdFusion flaw

    Tech · 1d
More inTech
  • Blue Origin reportedly raising up to $10B in first private capital round

    Tech · 1m
  • CISA tells federal agencies to fix actively exploited Langflow IDOR flaw by Friday

    Tech · 53m
  • KDDI breach hits email platform used by five Japanese ISPs

    Tech · 1h
SupportThe Work

The Circuitry is reader-supported. If you find the daily brief useful, you can buy me a coffee to keep it going.

Buy a coffee →
SubscribeCircuitry Brief

Daily brief at 7 AM ET. Top tech stories, every morning.

MORE IN TECH

Blue Origin reportedly raising up to $10B in first private capital round

Blue Origin is reportedly raising up to $10 billion in its first private capital round at a $130 billion valuation, with Coatue Management reported to lead participation from institutional investors and Jeff Bezos. The move ends the company's near-total reliance on Bezos' personal funding as it races to scale ambitious launch, lunar, and satellite constellation projects against SpaceX.

CISA tells federal agencies to fix actively exploited Langflow IDOR flaw by Friday

CISA directed federal agencies to patch the actively exploited CVE-2026-55255 authorization bypass in Langflow by Friday after adding it to the Known Exploited Vulnerabilities catalog. The IDOR flaw lets authenticated attackers reach other users' AI agent flows, sensitive data, and resources, with exploitation observed targeting compute power and credentials.

KDDI breach hits email platform used by five Japanese ISPs

KDDI disclosed that attackers breached an email platform used by five Japanese ISPs, exposing email addresses of 12,233,087 people and passwords of 7,616,173 others via a zero-day vulnerability first exploited on May 16. The company is forcing password changes and has deployed new detection tools after notifying regulators, with no confirmed secondary damage reported.