iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Dell is currently investigating claims that the data of 10,000 of its employees was leaked by a threat actor.
A threat actor going by the moniker “grep” posted to the infamous dark web forum BreachForums claiming to have breached Dell and stolen internal data.
“In September 2024 Dell suffered a minor data breach that exposed internal employees data,” said the threat actor.
The threat actor said that a total of 10,800 employees were affected, with stolen data including employee IDs, full names, employee status and internal IDs.
Within the listing, grep posted a number of samples and a paid link to the rest of the data.
Speaking with BleepingComputer, Dell confirmed that it was aware of the claims and that it was investigating the incident.
Just days later, the threat actor made another post to BreachForums saying that there had been another breach that exposed internal data.
“Compromised data: Jira’s files, DB’s table, Schema migration etc, totaling 3.5gb uncompressed,” said grep.
“This time it was breached by Chucky, before Dell makes any claims, we both compromised your Atlassian and accessed Jenkins, Confluence etc. (This should facilitate the investigation).
“GDPR said time is ticking by the way xD.”
This time, no sample was posted with a paid link to the data that was available.
Cyber Daily has reached out to Dell for comment on the latest claims.
Earlier this year, Dell disclosed a data breach that affected as many as 49 million customers.
“Dell Technologies takes the privacy and confidentiality of your information seriously,” said an alert email to customers.
“We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell. We believe there is not a significant risk to our customers given the type of information involved.”
The data appeared to have been posted for sale on the BreachForums hacking forum, with a user called Menelik saying that the data was up-to-date information from Dell purchases made between 2017 and 2204. The countries most represented in the data – according to the poster – are the United States, China, India, Australia, and Canada.
The data is in three parts: 7 million rows of individual purchases and 11 million rows of “consumer segment companies”, while the rest are enterprise-grade customers, Dell partners, and schools.
The post was quickly deleted, which could represent a quick sale.
Be the first to hear the latest developments in the cyber industry.
