Skip to content

Over 10,000 Dell employee records exposed on BreachForums

  • by
  • 2 min read

Dell, the global technology giant, is reportedly facing a new cybersecurity breach. A hacker claiming to have stolen the personal information of over 10,000 employees disclosed the breach on the notorious BreachForums platform on September 19, 2024, under the alias ‘grep. ‘ The breach contained employees’ names, IDs, active status, and department or internal identifiers.

First reported by Hackread, although limited in some areas, the leaked information could still serve as a tool for cybercriminals looking to exploit vulnerable employees.

While the hacker downplayed the incident as a “minor” breach, the exposed records have raised concerns about employee security and the growing threat of social engineering attacks targeting corporations.

Notably, the leaked data contained only two email addresses with the ‘@Dell.com’ domain, and crucially, there were no plain text passwords or personally identifiable information (PII) such as social security numbers.

However, cybersecurity experts have pointed out that the leaked data can still have major security implications even without sensitive details like passwords or addresses.

One of the most significant risks associated with this breach is its potential to enable social engineering attacks. Over the past year, companies across the globe have faced a wave of cyberattacks in which threat actors trick employees into giving up credentials or sensitive information.

This isn’t the first time Dell has been involved in a data breach. In May 2024, the company confirmed a security incident in which a hacker attempted to sell customer data on a breach forum. At that time, over 49 million customer records, including names, addresses, and Dell hardware information, were compromised from various countries, including the United States, India, China, Australia, and Canada.

Dell representatives offered vague statements regarding the breach to sweep the issue under the rug. The two breaches differ in that the May breach exposed customer records, while the current breach involved the exfiltration of employee records. This leaves the company vulnerable to sophisticated phishing scams, which could cause significant damage if successful.

In the News: Miami duo arrested for $230 million cryptocurrency theft

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>