Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Dell confirms it is investigating data breach after employee info leaked

Delll ogo.

Computer manufacturing giant Dell is looking into claims that its infrastructure was breached and sensitive data on thousands of employees stolen.

Late last week, a threat actor with the alias ‘grep’ posted a new thread on the infamous dark web forum BreachForums. In it, they offered a large Dell database for sale, allegedly containing sensitive employee information.

“In September 2024 Dell suffered a minor data breach that exposed internal employees data,” the thread reads. “Were affected over 10 800 employees belonging to Dell and their partners. Compromised data: Employee ID, Employee full name, Employee status, Employee internal ID.”

No word from Capgemini yet

If the database turns out to be legitimate, this could be quite a problem for Dell, since the information can be used in identity theft and phishing, potentially compromising Dell further. Crooks could impersonate company employees to communicate with other workers and have them disclose secrets, grant access to restricted areas of the infrastructure, or even deploy ransomware.

To make matters worse, the database can be obtained quite easily. A small sample has been available for free, and the entire database can be purchased for 1 BreachForums credit (roughly $0.30).

Now, Dell told BleepingComputer that it is investigating the claims of the breach.

"We are aware of the claims and our security team is currently investigating," the company told the publication.

Earlier this month, grep claimed to have breached French tech and consulting giant, Capgemini. They said they obtained 20 GB worth of sensitive data, including databases, source code, private keys, credentials, API keys, projects, employee data (including names, email addresses, usernames, and password hashes). The archive also contains backups, and Capgemini clients’ internal configuration details for cloud infrastructure.

The crook even shared alleged T-Mobile virtual machine logs. But a T-Mobile US representative debunked the claim, saying the data does not belong to that company. "This is not T-Mobile US," they told us. "From what we can tell, we believe this may be a T-Mobile brand outside of the US."

Via BleepingComputer

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.