Hackers have claimed responsibility for a second data breach involving Dell within a week, reportedly exposing sensitive internal files through compromised Atlassian tools. According to Hackread, which broke the story, the leaked data allegedly includes information from Jira, Jenkins, and Confluence. This follows an earlier breach that Dell is already probing.
The initial breach, which took place on 19 September, involved sensitive data belonging to 10,863 employees of Dell. The hacker responsible for the first incident, operating under the alias “grep” on the Breach Forums platform, now claims Dell has been compromised again, indicating a potentially broader issue. The firm did not respond to Tech Monitor‘s request for comment ahead of the publication of this story.
Dell allegedly hacked twice in one week
The new breach was announced by “grep” on 22 September 2024, where the hacker disclosed details of another major compromise. “Grep” claimed that this second attack was carried out with the assistance of another hacker, “Chucky.” Together, they allegedly infiltrated Dell’s internal systems, exposing confidential information.
The breach, as per “grep,” includes data associated with Jira files, database tables, and schema migrations. This amounts to 3.5GB of uncompressed data. The hackers stated that they got access by compromising the Atlassian software suite of Dell. The suite includes tools such as Jenkins and Confluence, both of which are commonly used in software development and team collaboration.
In a message posted on Breach Forums, the hacker detailed the compromised data, which included Jira files, database tables, and schema migrations, and emphasised that 3.5 GB of uncompressed data was involved. The hacker further claimed that this attack was executed by “Chucky,” and asserted that Dell’s Atlassian tools, including Jenkins and Confluence, had been compromised.
The post included a message directed at Dell, stating that the stolen data included “Jira’s files, DB tables, schema migration, etc., totalling 3.5GB uncompressed. This time, it was breached by Chucky. Before Dell makes any claims, we both compromised your Atlassian and accessed Jenkins, Confluence, etc. GDPR said time is ticking, by the way, xD.”
Dell responded to the first reported breach by confirming that it was aware of the situation and had launched an investigation. However, the technology major has yet to comment on the most recent breach claims. The files reportedly include system configurations, user credentials, and security vulnerabilities. If validated, the data could be used to target Dell’s systems more comprehensively.
Recently, a report in Bloomberg indicated that Dell is set to enforce a substantial reduction in its workforce in order to focus on artificial intelligence (AI) products and services. Although, the precise number of job cuts has not been revealed, it is likely to impact thousands of employees, with multiple online sources estimating around 12,500 roles to be lost.