Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
A ransomware group has gotten into one of Dell’s demo environments and stolen more than a terabyte of data.
Computing giant Dell has poured cold water on the hacking claims of the World Leaks ransomware gang after it listed the company as a victim on its darknet leak site overnight.
In a 21 July post, World Leaks – formerly known as Hunters International – claimed to have stolen 1.3 terabytes of data, and the hackers published the data soon after.
The data appears to be from three regions – the Americas; Europe, the Middle East, and Africa; and Asia-Pacific and Japan – and consists of backup and configuration scripts, as well as some internal passwords.
Dell, however, has said that while the hacking claims are legitimate, the data involved is non-critical and mostly “synthetic”.
“A threat actor recently gained access to our Solution Center, an environment designed to demonstrate our products and test proofs-of-concept for Dell’s commercial customers,” Dell said in a widely reported statement.
According to Dell, the exposed systems are “separated from customer and partner systems” and not used to provide any services to Dell customers.
“Data used in the solution center is primarily synthetic (fake) data, publicly available datasets used solely for product demonstration purposes or Dell scripts, systems data, non-sensitive information and testing outputs,” Dell said.
“Based on our ongoing investigation, the data obtained by the threat actor is primarily synthetic, publicly available or Dell systems/test data.”
World Leaks emerged as a ransomware operator in January 2025, reusing a significant portion of Hunters International’s darknet infrastructure. However, whereas Hunters was a classic double extortion operation, both stealing data and encrypting it on victims’ networks, World Leaks’ operations are based entirely on exfiltrating data.
“From the administrator’s perspective, ransomware is no longer profitable and risky. The criminals collaborating with the group will be provided with a purportedly self-developed exfiltration tool designed to automate the process of data exfiltration in the victims’ networks,” cyber security firm Group-IB said in April.
“Unlike Hunters International, which combined encryption with extortion, World Leaks operates as an extortion-only group using a custom-built exfiltration tool.”
Since it began operation in January, World Leaks has listed a total of 51 victims. Its most recent Australian victim was NSW-based petroleum distributor Kel Campbell.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
