InfoSecBulletin Cybersecurity for mankind
Dell is investigating claims of a data breach after a threat actor leaked information on over 10,000 employees. “We are aware of the claims and our security team is currently investigating,” Dell told BleepingComputer.
A hacker called “grep” claims that Dell suffered a “minor” data breach, stealing over 10,000 employee records. The hacker disclosed information on Breach Forums, a well-known cybercrime site, where they leaked stolen data today, September 19, 2024. The hacker also claims the breach happened earlier this month.
WhatsApp banned on all US House of Representatives devices
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
The leaked data revealed the following information:
Full names
Employee ID: A unique identifier for the employee.
Employee Active Status: Indicates whether the employee is currently active
Employee DNO: This may represent a department number or another internal identifier.
Internal Employee ID: A unique internal identifier that seems to be a hashed or encoded value.
Hackread.com reported, ” This is not the first time Dell has made headlines for cybersecurity-related issues. In May 2024, the Round Rock, Texas-based company disclosed a data breach after another hacker on a breach forum attempted to sell 49 million alleged customer records.”
Stephen Kowski, Field CTO at Pleasanton, Calif.-based SlashNext Email Security+ weighed in stating “The alleged Dell data breach serves as a stark reminder of the ongoing cybersecurity challenges faced by large corporations. With over 10,000 employee records reportedly exposed, including names, employee IDs, and internal identifiers, this incident highlights the potential vulnerabilities in even well-established tech companies.”
“While Dell has not yet confirmed the breach, the leaked information could be leveraged by threat actors for targeted phishing attempts or social engineering attacks, particularly given recent trends in cybercriminal tactics,” Stephen warned.
“Organizations must implement robust security measures, including advanced threat detection systems and regular security audits, to protect sensitive employee data and maintain trust. Timely incident response and transparent communication with affected individuals are also essential in mitigating the potential fallout from such breaches,” he advised.
