Article Details

Dell scoffs at breach, says miscreants only stole ‘fake data’. No customer, partner info stolen, spokesperson tells The Reg Dell has confirmed that criminals broke into its IT environment and stole some of its data — but told The Register that it's "primarily synthetic (fake) data." On Monday, WorldLeaks, a rebrand of the Hunters International extortion gang, posted Dell Technologies on its leak site and claimed to have exfiltrated 1.3 TB of data in an attempt to force the computer giant into paying an extortion fee to prevent its release. The compromised data, according to WorldLeaks' post that was also shared widely on social media, includes 416,103 files. But according to Dell, it's not important data — so the extortionists can probably cross this potential payday off their list. "A threat actor recently gained access to our Solution Center, an environment designed to demonstrate our products and test proofs-of-concept for Dell's commercial customers," a Dell spokesperson told The Register. "It is intentionally separated from customer and partner systems, as well as Dell's networks and is not used in the provision of services to Dell customers." The spokesperson declined to answer specific questions about the intrusion, including how much data was stolen and how much money the criminals demanded for its return, but told us that "data used in the solution center is primarily synthetic (fake) data, publicly available datasets used solely for product demonstration purposes or Dell scripts, systems data, non-sensitive information and testing outputs. Based on our ongoing investigation, the data obtained by the threat actor is primarily synthetic, publicly available or Dell systems/test data." Plus, they added, "like many companies, we work tirelessly to combat online criminal activity including those seeking to break into our systems and networks. Protecting the security and maintaining the trust of our customers and partners is a top priority." In other words: nothing to see here, move along to the next breach. This follows a more serious breach last year, during which a digital thief claimed to have stolen and put up for sale a database containing 49 million Dell customer records. In May 2024, the tech giant confirmed the compromise in an email to customers and said stolen data included: "Name, physical address, and certain Dell hardware and order information, including service tag, item description, date of order and related warranty information." It also comes a few weeks after Hunters International supposedly shut down, and offered decryption keys to all victims. However, a more likely story according to security analysts is that the group simply rebranded to WorldLeaks earlier this year after telling affiliates that ransomware had become "unpromising, low-converting, and extremely risky." A more promising, and apparently less risky business endeavour — the crims' perspective — appears to be straight data theft and extortion.