Dell investigates data breach claims after hacker leaks employee info
Dell has confirmed to BleepingComputer that they are investigating recent claims that it suffered a data breach after a threat actor leaked the data for over 10,000 employees.
The allegations were published yesterday by a threat actor named "grep," who alleges that the computing vendor suffered a "minor data breach" in September 2024, exposing internal employee and partner information.
In a post to a hacking forum, the threat actor says the stolen data includes employees' unique identifiers, full names of employees for Dell and partners, status of employees (active or not), and an internal identification string.
Though only a small sample of the data was shared for free, a link to the entire database can be revealed by spending 1 BreachForums credit, valued at approximately $0.30.
Responding to a request for a comment on the threat actor's post, the computer giant told BleepingComputer that they are investigating the claims.
"We are aware of the claims and our security team is currently investigating," Dell told BleepingComputer.
It is worth noting that the same user, grep, claimed another high-profile data breach on September 9, 2024, when he posted data allegedly stolen from the French IT giant Capgemini.
The threat actor alleged to hold 20 GB of data, including source code, credentials, private keys, API keys, employee data, T-Mobile virtual machine logs, documents, and more, which was leaked for free.
BleepingComputer contacted Capgemini at the time to ask about grep's claims but did not receive a reply.
Earlier this year, Dell suffered a data breach after a company API was abused to steal 49 million customer records
source: BleepingComputer
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
November 23, 2024Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
November 23, 2024Download: CIS Critical Security Controls v8.1
August 8, 2024