Dell has confirmed that hackers breached its Customer Solution Centers platform and are now extorting the company for a ransom. The cybercrime group behind the breach is a newly rebranded extortion gang called “World Leaks.”
The company acknowledged the breach to BleepingComputer, stating that “a threat actor recently gained access to our Solution Center, an environment designed to demonstrate our products and test proofs-of-concept for Dell’s commercial customers.” The hackers were able to get away with some data, but Dell claims its “primarily synthetic, publicly available or Dell systems/test data.”
Data used in the solution center is mostly made up of fake data, publicly available data sets used for product demonstration purposes, or Dell scripts, systems data, and other non-sensitive data and testing inputs. World Leaks seems to believe that the stolen data contains something of value, but it’s most likely sample medical data and financial information, completely fabricated. The only real data hackers managed to extract was an outdated contact list.
Technical information on how the breach occurred wasn’t shared, as the breach is still under investigation, and no ransom amount was shared either. The customer solution centers are also separated from Dell’s customer-facing network and other internal systems. Users are also frequently cautioned not to upload sensitive data to the labs.
As for World Leaks, it’s a rebrand of the Hunters International ransomware gang, which has recently moved away from file encryption to simply extracting and holding sensitive data. Hunters International itself was expected to be a possible rebrand of the notorious Hive ransomware gang.
However, the group did end up carrying out over 280 attacks targeting organisations globally before rebranding as World Leaks. Since then, we’ve seen 49 attacks from the new group, excluding Dell as the company is yet to be listed on the group’s dark web site.
In the News: Iran’s intelligence agency has 4 new Android spyware samples
