Contaque Source Code Repository Allegedly Stolen and Offered for Download

A threat actor claims to have stolen Contaque’s source code and released a repository that appears to include multiple platform components supporting its AI-powered contact center software.
Screenshot of a cybercrime forum post alleging the theft of Contaque’s source code, displaying the company’s logo and advertising the repository for download.
Screenshot of the forum post in which a threat actor claims to have stolen Contaque’s source code and made the alleged repository available for download. The post includes the company’s branding and states that the exposed data consists of source code, accompanied by a directory tree provided as proof of the claim.

A threat actor claims to have stolen Contaque’s source code and released it for download on a cybercrime forum, alleging the archive contains a substantial portion of the company’s communications platform and supporting software.

Contaque, developed by Avis e-Solutions, describes itself as an AI-powered communication, cloud telephony, customer experience (CX), and contact center platform that helps organizations manage customer interactions across voice and digital channels. The company says its technology is used to power large-scale contact center operations and AI-assisted communications.

Repository appears to span multiple platform components

According to the forum post, the alleged compromise resulted in the theft of Contaque’s source code. The threat actor published a large directory tree as proof, showing what appears to be multiple software projects rather than a single website repository.

The exposed structure references separate Admin, Backend, AuthManager, and installer projects, alongside deployment packages, documentation, compiled application artifacts, configuration files, and hundreds of Java source files. If authentic, the repository appears to contain development resources supporting several core components of the Contaque platform rather than only its public-facing website.

Directory tree reveals enterprise communications stack

The published file tree references numerous technologies commonly used in enterprise communications environments, including Spring Boot applications, Maven build files, Asterisk telephony services, Kamailio SIP infrastructure, NGINX configuration files, MQTT messaging components, predictive dialing modules, IVR functionality, campaign management services, reporting systems, authentication services, user management modules, and deployment installers. The archive also appears to include installation guides, API documentation, and packaged application builds.

While a directory listing alone cannot confirm the authenticity or completeness of the files, it suggests the alleged repository is considerably larger than a typical website codebase and may represent multiple interconnected services.

Second claim from recently active threat actor

The claim was published by the same threat actor behind the Accenture source code breach, which was later confirmed by the company. While that track record makes the latest claim noteworthy, it does not independently verify the alleged compromise involving Contaque.

The forum post does not explain how the alleged breach occurred or when the repository was obtained. Contaque had not issued any public statement regarding the claim at the time of publication.

Picture of m00s3c

m00s3c

Moose (@m00s3c) is the author of BreachNews, focusing on data breach intelligence, dark web monitoring, and threat analysis. His work involves analyzing breach claims, reviewing leaked datasets, and tracking threat actor activity to provide clear, factual reporting.

Latest News

Newsletter signup

Get the latest data breach and security news.

Please wait...

Thank you for signing up!

BREACHNEWS.COM/SUPPORT/

Support Independent News.

Help support breach monitoring, investigations, infrastructure, and reporting.

Support the site
INTEL.BREACHNEWS.COM

Live Cyber
Threat Map

Explore live cyber activity, recent breach reports, KEV alerts, and public threat feeds from a single interactive dashboard.

Launch Threat Map