InfoSecBulletin Cybersecurity for mankind
Dell is investigating claims of a data breach after a threat actor leaked information on over 10,000 employees. “We are aware of the claims and our security team is currently investigating,” Dell told BleepingComputer.
A hacker called “grep” claims that Dell suffered a “minor” data breach, stealing over 10,000 employee records. The hacker disclosed information on Breach Forums, a well-known cybercrime site, where they leaked stolen data today, September 19, 2024. The hacker also claims the breach happened earlier this month.
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
CISA, FBI Warns
Hacker compromised multiple teleco network at US
The leaked data revealed the following information:
Full names
Employee ID: A unique identifier for the employee.
Employee Active Status: Indicates whether the employee is currently active
Employee DNO: This may represent a department number or another internal identifier.
Internal Employee ID: A unique internal identifier that seems to be a hashed or encoded value.
Hackread.com reported, ” This is not the first time Dell has made headlines for cybersecurity-related issues. In May 2024, the Round Rock, Texas-based company disclosed a data breach after another hacker on a breach forum attempted to sell 49 million alleged customer records.”
Stephen Kowski, Field CTO at Pleasanton, Calif.-based SlashNext Email Security+ weighed in stating “The alleged Dell data breach serves as a stark reminder of the ongoing cybersecurity challenges faced by large corporations. With over 10,000 employee records reportedly exposed, including names, employee IDs, and internal identifiers, this incident highlights the potential vulnerabilities in even well-established tech companies.”
“While Dell has not yet confirmed the breach, the leaked information could be leveraged by threat actors for targeted phishing attempts or social engineering attacks, particularly given recent trends in cybercriminal tactics,” Stephen warned.
“Organizations must implement robust security measures, including advanced threat detection systems and regular security audits, to protect sensitive employee data and maintain trust. Timely incident response and transparent communication with affected individuals are also essential in mitigating the potential fallout from such breaches,” he advised.
