The Register reports:
Accenture has confirmed an “isolated matter” after a cybercriminal put up for sale what they allege is 35GB of the consulting giant’s internal data, including source code, cryptographic keys, and cloud credentials.
The listing, seen by The Register, appeared on a cybercrime forum on July 6 under the title “Accenture Data Breach,” posted by a user with the handle “888.” The seller claimed the stolen archive contained source code alongside RSA keys, SSH keys, Azure Personal Access Tokens (PATs), Azure Storage access keys, configuration files, and other technical material.
“Today I am selling the Accenture Data Breach, thanks for reading and enjoy!” the cyber baddie wrote.
To back up the claim, the seller published what appeared to be a screenshot of a cloned Azure DevOps repository named “121123_AtriasTalentAcademy,” hosted under a censored accenture.com domain. The post also advertised the dataset for sale in exchange for Monero.
Read more at The Register.
Previous Coverage of Accenture on The Data Breach Times:
Threat Actors Claiming Breach of Accenture Employee Data (2024)
Accenture strikes $4.18 billion cybersecurity deal, shares fall on forecast cut
