Dell confirms data breach – but says hackers only stole “fake data”

Dell confirmed reports of a break-in by apparent hackers
World Leaks claimed responsibility, and is demanding payment
However Dell says the threat actors apparently stole fake data

Dell has confirmed recently suffering a cyberattack which saw threat actors steal of its data, but has added it isn’t too concerned by the incident.

The hackers, going by “World Leaks”, are now asking for ransom in exchange for deleting the stolen files.

However, Dell says the stolen files were all fake, signaling that it has no intention of paying the criminals for their troubles.

Synthetic data

In a statement, Dell confirmed the breach, saying the attackers accessed a platform used to demo new products to customers.

“A threat actor recently gained access to our Solution Center, an environment designed to demonstrate our products and test proofs-of-concept for Dell’s commercial customers,” Dell told BleepingComputer. “It is intentionally separated from customer and partner systems, as well as Dell’s networks and is not used in the provision of services to Dell customers.”

The statement goes on to explain that the data used in the solution center is “primarily synthetic”, meaning it’s all made up and fake.

It also includes “publicly available datasets used solely for product demonstration purposes or Dell scripts, systems data, non-sensitive information and testing outputs,” Dell added.

“Based on our ongoing investigation, the data obtained by the threat actor is primarily synthetic, publicly available or Dell systems/test data.”

World Leaks might be a new name in the ransomware scene, but the actors are rather experienced. The group came as a spin-off from Hunters International, an infamous ransomware player that breached more than 200 organizations during its active years.

Hunters International worked as the usual double-extortion group, first stealing the sensitive files from the victims, and then encrypting their systems to prevent access. World Leaks, on the other hand, ditches the encryption part and focuses solely on data exfiltration.

Many ransomware groups stopped deploying the encryptors lately, as they seem to be expensive to develop and maintain, while simply stealing files brings the same end result.

Via BleepingComputer