Dell confirms it is investigating data breach after employee info leaked

A hacker says they stole employee info on more than 10,000 people

News By Sead Fadilpašić published 23 September 2024

Computer manufacturing giant Dell is looking into claims that its infrastructure was breached and sensitive data on thousands of employees stolen.

Late last week, a threat actor with the alias ‘grep’ posted a new thread on the infamous dark web forum BreachForums. In it, they offered a large Dell database for sale, allegedly containing sensitive employee information.

“In September 2024 Dell suffered a minor data breach that exposed internal employees data,” the thread reads. “Were affected over 10 800 employees belonging to Dell and their partners. Compromised data: Employee ID, Employee full name, Employee status, Employee internal ID.”

No word from Capgemini yet

If the database turns out to be legitimate, this could be quite a problem for Dell, since the information can be used in identity theft and phishing, potentially compromising Dell further. Crooks could impersonate company employees to communicate with other workers and have them disclose secrets, grant access to restricted areas of the infrastructure, or even deploy ransomware.

To make matters worse, the database can be obtained quite easily. A small sample has been available for free, and the entire database can be purchased for 1 BreachForums credit (roughly $0.30).

Now, Dell told BleepingComputer that it is investigating the claims of the breach.

"We are aware of the claims and our security team is currently investigating," the company told the publication.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsors