Attacker claims to be selling two data sets on dark web forum.
Dell Technologies is apparently dealing with a data breach of around 3.5GB of data, containing details of allegedly 10,000 company employees.
The company confirmed to Bleeping Computer that it was investigating recent claims after a threat actor named "grep" alleged that Dell had suffered a "minor data breach" in September 2024, exposing internal employee and partner information.
In a post to a dark web forum, the threat actor said the stolen data includes employees' unique identifiers, full names of employees for Dell and partners, status of employees (active or not), and an internal identification string.
There were also claims of a second breach of Jira files, database tables, Schema plans and more.
Investigating Situation
Dell has reportedly acknowledged the incident, saying the “security team is actively investigating the situation”. However, Dell hasn’t issued a public statement about either of the incidents.
Erfan Shadabi, cybersecurity expert at comforte AG, said: “This data breach on Dell demonstrates just how important it is for every organization to rethink data security: Dell must now assess just how much sensitive information has been released. Hopefully, they can navigate this situation effectively with minimal damage.”
Anna Collard, SVP for content strategy at KnowBe4 Africa, said: “It's important to remember that Dell is still in the process of investigating this incident. We should refrain from drawing any conclusions until they release their formal statement with the full facts. Transparency and responsible communication from all parties involved are crucial during these situations. cybersecurity culture."
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.