Major Accenture Data Breach Puts Clients at Risk

Plus, most CISOs believe executives don’t understand extent of cybersecurity risks posed by employees.

Good morning! Here’s what’s up.

People

John Pirc has been appointed as chief product and technology officer at PartnerOne. In this role, Pirc will oversee product strategy, technology innovation, and AI initiatives across PartnerOne’s portfolio of cybersecurity companies. Pirc joins PartnerOne from NetWitness, where he was chief product and technology officer for the cybersecurity company.

Clips ✂️

Accenture faces massive data breach that could put clients at risk

A threat actor claims to have stolen a vast trove of sensitive data from the consulting giant Accenture in a recent cyberattack.

The compromised data includes source code, Microsoft Azure personal access tokens, RSA encryption keys and SSH keys, a hacker calling themselves “888” said in a dark-web post shared by Bleeping Computer.

The actor says they hacked roughly 35GB of data from Accenture during the intrusion, which occurred in early July.

Accenture downplayed the incident in a statement to Cybersecurity Dive.

“We are aware of this isolated matter and we have remediated its source,” spokesperson Peter Soh said. “There is no impact to Accenture operations and service delivery.”

The stolen data could put Accenture and its clients at significant risk of further attacks. “Source code can help attackers understand internal application logic, identify weak implementation patterns, and search for hardcoded secrets or exploitable paths in custom systems,” the threat intelligence firm SOCRadar said in an analysis of the incident.

by Cybersecurity Dive

75% CISOs Fear Executives Don’t Understand Cybersecurity Risks

Over three quarters of cybersecurity leaders believe that the board level decision makers above them do not understand the cybersecurity risks associated with how their employees act in the workplace.

That is according to a report by MetaCompliance, published on July 9 and based on responses from over 200 CISOs across Europe. Of those surveyed, 78% said that C-level executives do not fully understand cybersecurity risks, at a time when employees are bombarded with phishing attacks and are forced to contend with security challenges around the rise of AI.

This lack of understanding, and sometimes interest, from the board has created headaches for cybersecurity leaders, who are faced with bolstering resilience against cyber threats despite a lack of consistent senior-level backing.

Indeed, according to the survey, 79% of CISOs said leadership support for security awareness initiatives fades over time, making it harder to ensure the organization and its employees are protected against evolving cyber threats, such as the rise of AI-based social engineering attacks.

by Infosecurity Magazine

GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses

Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy.

According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first publicly spotted in the wild on May 21, 2026. It's assessed to be a rebrand of the Beast ransomware, which, in turn, was an enhanced version of Monster, a Delphi-based ransomware that surfaced in March 2022. Broadcom's cybersecurity arm is tracing the developer behind these ransomware families under the moniker Hyadina.

In one attack orchestrated by the ransomware operation in early June 2026, the threat actors are said to have leveraged AnyDesk for remote access and used a NirSoft-based credential harvesting toolkit before deploying the ransomware. The exact initial access vector is unknown.

The credential harvester is designed to extract sensitive data from common web browsers, Windows Credential Manager, cached domain credentials, VNC sessions, email clients, Wi-Fi profiles, and live network traffic.

by The Hacker News

Cash App owner to pay $45 million to settle allegations of lax security

The owner of Cash App will pay dozens of states a total of $45 million to settle allegations that it misled its users about the payment app’s security and exposed them to fraud.

State attorneys general announced the bipartisan agreement with Block, Inc. on Wednesday, saying that the company incorrectly promised users that Cash App offered the same protections as a bank.

The company “failed to help users when they were scammed, misled consumers about the safety of Cash App, and failed to provide the fraud protection and resolution that it promised and was required to provide by law,” said New York Attorney General Letitia James. The state was one of 46 to participate in the agreement.

“Lax verification standards, a years-long absence of phone support, and deceptive social media promotions left users exposed to scammers,” said Texas Attorney General Ken Paxton. “Nevertheless, Cash App delayed internal fraud investigations and set unwarranted account lockouts which left victims with no way to recover stolen funds.”

by The Record from Recorded Future News

Suspected Chinese snoops caught breaking into universities' Roundcube mailservers

Suspected Chinese spies have been breaking into major US and Canadian universities since May, exploiting vulns in Roundcube mailservers to steal data belonging to physics and engineering administrators and professors, according to Proofpoint threat researchers.

Proofpoint directly observed “less than 10” universities targeted in these intrusions, Greg Lesnewich, principal threat research engineer at Proofpoint, told The Register. “We estimate the total volume of targets would be a few dozen universities, but stress that this is at best a guess, not substantiated by our data.”

While the most recent sighting occurred in early June, “we believe it is likely that the campaign is ongoing,” Lesnewich said.

The email security shop tracks the crew as UNK_MassTraction, and says that it focuses on individuals in departments with national security ties or in astrophysics and particle physics - all topics that support Beijing’s intelligence-gathering goals and, as such, are frequently targeted by government-backed cyber goons.

by The Register

Mount Royal University Confirms Data Stolen in Ransomware Attack

Mount Royal University (MRU), a public university in Alberta, Canada, has confirmed that employee and student data was stolen from its network in a disruptive ransomware attack.

The incident was discovered on June 17, after hackers deleted two file storage systems: one containing employee and student data, and another used for departmental data storage.

The attack disrupted certain internal systems, as well as online services and internet access, the university announced on June 18.

In a fresh update, MRU confirmed that a ransomware group was behind the attack and that employee and student data hosted on its ‘H drive’ was exfiltrated and deleted.

“The H drive is a file storage system used by individual employees and students. Our analysis indicates that this incident affected specific folders rather than the entire H drive. We will begin directly notifying employees and students whose H drive folders were compromised within the coming week,” the update reads.

by SecurityWeek

X