{"id":329,"date":"2024-09-23T11:15:33","date_gmt":"2024-09-23T11:15:33","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=329"},"modified":"2024-09-23T11:15:33","modified_gmt":"2024-09-23T11:15:33","slug":"hacker-selling-dell-employees-data-after-a-second-alleged-data-breach","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=329","title":{"rendered":"Hacker selling Dell employees\u2019 data after a second alleged data breach"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Dell Technologies has allegedly suffered two data breaches since Thursday, together amounting to over 3.5GB of data belonging to at least 10,000 company employees.<\/p>\n<p>A hacker using the alias \u201cgrep\u201d claimed the first breach by posting a free sample of the stolen dataset on BreachForums and offering the full release in exchange for 1 BreachForums credit, worth approximately $0.30.<\/p>\n<p>\u201cIn September 2024 Dell suffered a minor data breach that exposed internal employees data,\u201d grep said in a September 19 <a href=\"https:\/\/x.com\/DailyDarkWeb\/status\/1837020614487322904\/photo\/1\" target=\"_blank\" rel=\"noopener\">post<\/a>. \u201cWere affected over 10800 employees belonging Dell and their partners.\u201d<\/p>\n<p>The dataset contains sensitive information belonging to these employees, including Employee ID, Employee full name, Employee status, and Employee internal ID, grep added in the post.<\/p>\n<h2 class=\"wp-block-heading\">Two attacks within a week<\/h2>\n<p>Days later, grep posted about a second \u201csignificant\u201d breach involving 3.5 GB of data stolen from Dell, this time claiming the breach in collaboration with a fellow hacker, \u201cChucky\u201d. 
Grep had called the previous attack \u201cminor\u201d.<\/p>\n<p>\u201cWith over 10,000 employee records reportedly exposed, including names, employee IDs, and internal identifiers, this incident highlights the potential vulnerabilities in even well-established tech companies,\u201d said Stephen Kowski, field chief technology officer at Pleasanton. \u201cWhile Dell has not yet confirmed the breach, the leaked information could be leveraged by threat actors for targeted phishing attempts or social engineering attacks, particularly given recent trends in cybercriminal tactics.\u201d<\/p>\n<p>Dell has reportedly acknowledged the first incident to media channels, saying the \u201csecurity team is actively investigating the situation\u201d. However, Dell hasn\u2019t issued a public statement about either of the incidents. On this point, in the second <a href=\"https:\/\/x.com\/DailyDarkWeb\/status\/1838128803979108832\/photo\/1\" target=\"_blank\" rel=\"noopener\">post<\/a> on September 22, grep teased, \u201cGDPR said time is ticking by the way.\u201d<\/p>\n<p>The hacker said they were able to access sensitive internal files from Dell owing to compromised Atlassian tools. \u201cCompromised data: Jira\u2019s files, DB\u2019s table, Schema migration etc, totaling 3.5GB uncompressed,\u201d said grep in the second post. \u201cThis time it was breached by Chucky, before Dell makes any claims, we both compromised your Atlassian and accessed Jenkins, Confluence etc.\u201d<\/p>\n<p>The disclosed details of the hack, grep added, should facilitate the investigation.<\/p>\n<h2 class=\"wp-block-heading\">\u201cgrep\u201d on the rise<\/h2>\n<p>Hacker \u201cgrep\u201d has been involved in several cyberattacks over the past two years, most aligning with the actions of Anonymous, a decentralized collective known for its cyberattacks against governments and corporations. 
The alias \u201cgrep\u201d is inspired by the Unix command \u201cgrep,\u201d which is used to search through files or streams of text for specific patterns.<\/p>\n<p>While it is difficult to track their exact origin, grep\u2019s prominence can be traced to early 2022, mostly for their hacktivism efforts in the Russia-Ukraine conflict. The most recent of grep\u2019s hacks was the <a href=\"https:\/\/x.com\/DarkWebInformer\/status\/1833248415683170763\" target=\"_blank\" rel=\"noopener\">Capgemini data breach<\/a> on September 9 that compromised 20GB of data consisting of source code, credentials, private and API keys, and employee data.<\/p>\n<p>Dell is having a tough security year, having already suffered an <a href=\"https:\/\/www.csoonline.com\/article\/2100084\/dell-data-breach-exposes-data-of-49-million-customers.html\" target=\"_blank\" rel=\"noopener\">extensive breach in May<\/a> that exposed data belonging to 49 million customers. It remains to be seen how the company will react to the allegations of what seems to be an ongoing incident. Email queries sent to Dell did not elicit a response at the time of publishing this story.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Dell Technologies has allegedly suffered two data breaches since Thursday amounting to a breach of over 3.5GB of data belonging to at least 10,000 company employees. 
A hacker using the alias \u201cgrep\u201d had claimed the first breach by posting a sample of the stolen dataset on BreachForums for free, offering a full release in exchange [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":330,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-329","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/329"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=329"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/329\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/330"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=329"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=329"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=329"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}