Dell Technologies has confirmed a breach of its Customer Solution Centers platform by the rebranded extortion group, World Leaks, which is attempting to extort the company for ransom.
The compromised platform is used for demonstrating Dell products to customers and is kept separate from Dell’s customer-facing systems. Dell clarified that the data accessible in the Solution Centers is primarily synthetic or publicly available datasets, with the only notable legitimate data being an outdated contact list.
World Leaks, which has emerged as a successor to the Hunters International ransomware group, focuses on stealing data for extortion purposes rather than encrypting files. This shift in strategy reflects a broader trend among cybercriminal organizations due to the increased risks associated with ransomware attacks. Since its inception in January 2025, World Leaks has conducted over 280 attacks globally.
The group has recently published a sample of the stolen data, claiming to have exfiltrated 1.3 TB of information. Dell has not yet been listed among the organizations whose data has been shared, although researchers indicate that the leaked material includes configuration scripts and backups, without any sensitive corporate or customer information.
As the investigation into the breach continues, Dell has withheld details about how the attackers gained access to their systems. The company has yet to publicly address the ransom demand, indicating that it is maintaining a level of discretion concerning the situation.
In related news, World Leaks has been linked to the exploitation of SonicWall’s end-of-life SMA 100 devices, further illustrating the evolving tactics of this threat group. Experts continue to urge organizations to strengthen their cybersecurity measures amidst rising data extortion threats.