A threat actor claims to have stolen Contaque’s source code and released it for download on a cybercrime forum, alleging the archive contains a substantial portion of the company’s communications platform and supporting software.
Contaque, developed by Avis e-Solutions, describes itself as an AI-powered communication, cloud telephony, customer experience (CX), and contact center platform that helps organizations manage customer interactions across voice and digital channels. The company says its technology is used to power large-scale contact center operations and AI-assisted communications.
Repository appears to span multiple platform components
According to the forum post, the alleged compromise resulted in the theft of Contaque’s source code. The threat actor published a large directory tree as proof, showing what appears to be multiple software projects rather than a single website repository.
The exposed structure references separate Admin, Backend, AuthManager, and installer projects, alongside deployment packages, documentation, compiled application artifacts, configuration files, and hundreds of Java source files. If authentic, the repository appears to contain development resources supporting several core components of the Contaque platform rather than only its public-facing website.
Directory tree reveals enterprise communications stack
The published file tree references numerous technologies commonly used in enterprise communications environments, including Spring Boot applications, Maven build files, Asterisk telephony services, Kamailio SIP infrastructure, NGINX configuration files, MQTT messaging components, predictive dialing modules, IVR functionality, campaign management services, reporting systems, authentication services, user management modules, and deployment installers. The archive also appears to include installation guides, API documentation, and packaged application builds.
While a directory listing alone cannot confirm the authenticity or completeness of the files, it suggests the alleged repository is considerably larger than a typical website codebase and may represent multiple interconnected services.
Second claim from recently active threat actor
The claim was published by the same threat actor behind the Accenture source code breach, which was later confirmed by the company. While that track record makes the latest claim noteworthy, it does not independently verify the alleged compromise involving Contaque.
The forum post does not explain how the alleged breach occurred or when the repository was obtained. Contaque had not issued any public statement regarding the claim at the time of publication.












