Dell has confirmed to BleepingComputer that they are investigating recent claims that it suffered a data breach after a threat actor leaked the data for over 10,000 employees.
The allegations were published yesterday by a threat actor named “grep,” who alleges that the computing vendor suffered a “minor data breach” in September 2024, exposing internal employee and partner information.
In a post to a hacking forum, the threat actor says the stolen data includes employees’ unique identifiers, full names of employees for Dell and partners, status of employees (active or not), and an internal identification string.
Though only a small sample of the data was shared for free, a link to the entire database can be revealed by spending 1 BreachForums credit, valued at approximately $0.30.
Responding to a request for a comment on the threat actor’s post, the computer giant told BleepingComputer that they are investigating the claims.
“We are aware of the claims and our security team is currently investigating,” Dell told BleepingComputer.
It is worth noting that the same user, grep, claimed another high-profile data breach on September 9, 2024, when he posted data allegedly stolen from the French IT giant Capgemini.
The threat actor alleged to hold 20 GB of data, including source code, credentials, private keys, API keys, employee data, T-Mobile virtual machine logs, documents, and more, which was leaked for free.
BleepingComputer contacted Capgemini at the time to ask about grep’s claims but did not receive a reply.
Earlier this year, Dell suffered a data breach after a company API was abused to steal 49 million customer records