Dell Inc., the U.S. hardware giant, is investigating a data breach following a recent hacker claim that it posted data for over 10,000 Dell employees on a hacker forum.
The threat actor group using the alias โgrepโ claimed that the company suffered a โminor data breachโ earlier this month, which exposed internal employee and partner information. The hacker posted the stolen data on the notorious hacker and cybercrime platform BreachForums on September 19, 2024.
In a post on BreachForums, the threat actor says the stolen data includes full names of the employees for Dell and partners, employee ID, employees’ unique identifiers, employee status (active or inactive), and an internal identification string.
According to a report from BleepingComputer, only a small sample of the alleged stolen data has been posted for free on the hacking forum.
However, the threat actor claims to share a link to the entire database for one BreachForums credit equivalent to $0.30.
“We are aware of the claims and our security team is currently investigating,” Dell said in a statement to BleepingComputer.
This is not the first time Dell has suffered a security breach this year. In May 2024, Dell was hit with a massive data breach in its portal that impacted 49 million customers, exposing them to potential identity theft and phishing attacks.
The threat actor had gained unauthorized access to a database that included limited customer information related to sales.
The compromised data contained the names of the customers, addresses, hardware information, order details such as service tags, item descriptions, order dates, etc., and warranty information.