Accenture Left Sensitive Data Exposed On Unsecured Servers

Global consulting and management firm Accenture left “at least four cloud-based storage servers unsecured and publicly downloadable” recently, according to reports.

josefkubes /

The unsecured cloud servers were found by security firm UpGuard, which discovered the data and informed Accenture of the issue in September. UpGuard released a full report about the issue today.

Key Data

The unsecured data included secret API data, authentication credentials, certificates, decryption keys, and customer information. Considering that Accenture claims that “94 of the Fortune 100 companies” are clients of the firm, the potential for damage was calamitous.

“In the hands of competent threat actors, these cloud servers, accessible to anyone stumbling across their URLs, could have exposed both Accenture and its thousands of top-flight corporate customers to malicious attacks that could have done an untold amount of financial damage,” UpGuard’s Dan O’Sullivan wrote.

Chris Vickery, director of cyber risk research at security firm UpGuard, told ZDNet the data contained the “keys to the kingdom.” Vickery said he also found Accenture’s master keys for its Amazon Web Service’s Key Management System. The stolen master keys could give a hacker full control over the company’s encrypted data stored on those Amazon servers.

Escaping Unscathed?

Accenture apparently secured the servers the day after being informed by UpGuard. It appears the large firm dodged a bullet in this case, as Accenture could only find one instance of unauthorized access while the files were unsecured, which they traced back to UpGuard.

This is the latest incident illustrating that not all companies are taking proper steps to secure their most important data — and the important data of their customers — which makes another large cyberattack seems inevitable. Accounting firm Deloitte recently revealed a breach which affected at least a few of its clients.

You may not be able to aid large companies in securing their data, but you can make sure you’re securing your own personal files. For those concerned about the safety of their files stored in the cloud, we recently covered some smaller, secure options in our article A Look At Cloud Storage Alternatives With Extra Security.

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is the former editor in chief of Security Baron. Before, he has worked as a freelance writer and editor at websites like and along with publications like the Lockport Union Sun & Journal and the Greater Niagara Newspapers. With digital and print experience under his belt, Phil has a passion for all things technology including home security, cyber security, and the smart home. His bachelor's degree in Journalism from the University of Maryland College Park initially landed Phil his first job at the Beaver County Times, which has lead to over 15 years of experience as a journalist.

Trending News

Follow Us