Dell has allegedly suffered breach after a breach with 3.5GB of data belonging to at least 10,000 company employees.
A threat actor goes by the name “grep” had claimed the first breach by posting a sample of the stolen dataset on BreachForums for free, offering a full release in exchange for 1 BreachForums credit, approximately amounting to $0.30.
The dataset includes employee PII, including Employee ID, Employee full name, Employee status, and Employee internal ID.
Now, Grep posted about a second breach concerning 3.5 GB stolen data from Dell, this time claiming the breach in collaboration with a fellow hacker Chucky.
While Dell has not yet confirmed the breach, the leaked information could be leveraged by threat actors for targeted phishing attempts or social engineering attacks, particularly given recent trends in cybercriminal tactics.
Dell hasn’t issued a public statement about either of the incidents. To this, in the second post on September 22, grep teased, “GDPR said time is ticking by the way.”
The hacker said they were able to access sensitive internal files from Dell owing to compromised Atlassian tools. Compromised data: Jira’s files, DB’s table, Schema migration, etc, totaling 3.5GB uncompressed,. This time, it was breached by Chucky. Before Dell makes any claims, we both compromised your Atlassian and accessed Jenkins, Confluence, etc.
