Dell’s ‘Multiple Data Breaches in a Week’: What Went Wrong?

KEY TAKEAWAYS

  • Dell has allegedly experienced multiple data breaches within a week, raising concerns about security at large corporations.
  • Experts emphasize that big companies like Dell often struggle with infrastructure oversight and security updates.
  • SaaS and cloud applications are becoming prime targets for cybercriminals due to fragmented oversight and decentralized control.
  • Large companies need to improve security agility, similar to smaller businesses, to respond more effectively to emerging threats.
  • The rapid rise in cloud and SaaS use is outpacing big corporations' ability to secure these environments, leading to increased cyber risks.

Dell Technologies, a multinational company with millions of individual and enterprise customers around the world, has allegedly been breached twice in less than a week — with reports even claiming a third breach is in the works.

Data stolen from Dell is believed to include user credentials, internal infrastructure data, and more. In short: another massive problem waiting to happen.

While Dell is yet to comment on the allegations, other than saying it is investigating, leaked data displayed online claims to show Dell’s internal ticketing system, incident reports on Agile access, VPN information, DevOps software access requests, and project information for the next few years.

More troubling is 3.5GB of data said to belong to at least 10,000 company employees, including IDs, full names, statuses, and internal IDs.

Why do big tech companies, with almost unlimited resources, struggle and fall to cyber criminals?

In this report, Techopedia talks to experts to explore the ‘big company cybersecurity paradox’ in light of Dell’s back-to-back attacks.

Dell Breach Adds Fuel to the Global Big Data Breach Fire

No infamous ransomware gang claimed the cyberattacks against Dell. In fact, two hackers on Breach Forums — a known hacker forum — claimed responsibility and leaked a glimpse of the valuable stolen Dell data.

Shawn Waldman, CEO and founder of Secure Cyber, a cybersecurity consulting firm that manages detection and response services for manufacturing, finance, governments, and education, spoke to Techopedia about the trend and the attack on Dell.

“This is another example of ‘the bigger they are, the harder they fall’. Large organizations like Dell often lose track of their technology, fail to keep up with updates, and fall victim to significant cybercrime.”

Waldman said that the breach is particularly notable because Dell is seen as a technology leader. “One would expect a company of this size to leverage its resources to protect both customer and employee data,” Waldman said.

The Microsoft Azure data breach, the Bank of America breach, and the Mother of All Breaches (MOAB) are examples of big data breaches in 2024 that are creating damage, and the trend is picking up speed.

On September 23, the background check firm MC2 Data was breached, and 2.2 TB of sensitive data from over 100 million people was exposed.

Big Companies are Losing Touch with Their Infrastructure

Despite having almost unlimited resources and capabilities, global corporations and international companies are failing real-life security tests in high numbers.

Ariel Parnes, cyber threat expert and COO & Co-Founder of Mitiga, a threat detection, investigation, and response solution for cloud and SaaS, told Techopedia that Dell’s recent security breach highlights a growing concern in the industry: the increasing risk from SaaS applications.

“As more companies rely on tools like Atlassian’s Jira and Confluence, they become the ‘soft underbelly’ of the digital ecosystem, creating weak points that hackers exploit. This issue often stems from a lack of comprehensive visibility across SaaS and Cloud environments.”

Parnes explained that SaaS applications pose significant risks to organizations today due to several key factors, including their rapid adoption across various departments — R&D, HR, Legal, and others.

SaaS applications often hold sensitive and critical data, from intellectual property to customer information. This makes them prime targets for cybercriminals, especially if they are inadequately protected.

“Unlike cloud infrastructure that is typically managed by IT or security teams, SaaS applications are often managed by different stakeholders within the organization, such as HR for payroll apps or R&D for collaboration tools. This decentralization leads to fragmented oversight and security gaps.”

Waldman from Secure Cyber spoke about the responsibilities that SaaS providers have to provide fully encrypted data protection for data at rest or in transit and security features for users, such as multi-factor authentication (MFA).

“In my opinion, the sheer size of the organization means that they can lose touch with things like inventory, vulnerabilities, and patching (just to name a few).”

Waldman explained that big infrastructures demand several times the cybersecurity effort and visibility that medium-sized companies do. “The size of the organization doesn’t always mean the necessary staff is in place to protect it,” Waldman said.

Parnes agreed that visibility is a big problem when combined with rapid adoption, access to sensitive data, and decentralized ownership. “This lack of centralized control over SaaS applications elevates their risk, as potential vulnerabilities can go undetected,” Parnes said.

Cloud and SaaS Applications Are the Leading Targets

As companies embrace cloud usage, the global digital attack surface expands, opening opportunities for threat actors to break in. A Thales Group survey and study found that cloud resources have become the greatest risk. Nearly half (47%) of all corporate data stored in the cloud is sensitive, the report concludes.

Thales Group also found that the use of SaaS is on the rise, with 66% of organizations having more than 25 SaaS applications. Despite all the risks that this sensitive data environment presents, data encryption rates are very low. Less than 10% of enterprises encrypt 80% or more of their sensitive cloud data.

In the end, gaps in digital sovereignty and full ownership of the environment and its privacy and security are the problem. Cloud resources have become the biggest targets for cyber-attacks, with SaaS applications (31%), Cloud Storage (30%), and Cloud Management Infrastructure (26%) cited as the leading categories of attack.

How Big Companies Can Learn from SMB’s Security ‘Agility’

Parnes explained that cloud infrastructure and SaaS application advancements are happening faster than big companies’ ability to modernize security.

This leads to misconfigurations, fragmented oversight, and an incomplete security posture that cybercriminals are quick to exploit.

“Organizations must not only invest in continuous security improvements but also focus on modernizing their security capabilities to keep pace with their technological growth.”

Waldman added that cybersecurity today is all about being tactical and responding quickly. His advice for big companies: agility.

“Try to be more agile, like a small business. Go back to the basics.”

Parnes from Mitiga broke down what exactly this “agility” means.

“One key concept that larger organizations can adopt is the OODA Loop (Observe, Orient, Decide, Act) — a strategic decision-making framework that emphasizes speed and adaptability.”

SMEs that excel in agility rapidly adapt to emerging threats. They have streamlined decision-making, lean structures, and a willingness to innovate. Larger corporations can enhance their security posture by emulating these practices.

By streamlining decision-making, implementing the OODA Loop, and fostering a culture of innovation, big companies can improve their ability to quickly detect, respond to, and mitigate threats.

The Bottom Line

Cybercriminals and nation-state-supported hackers will continue to launch attacks on big companies, looking for a massive payout and for larger disruptions and damages. But the industry should not take it lying down.

While the public, governments, and every sector have normalized cyberattacks and consider them inevitable collateral damage incidents, the truth is different. Large corporations are simply failing to secure cloud and SaaS resources.

Obfuscated by the size of their infrastructure and the rapid modernization of tools, large companies need to learn how to become agile enough to shut down modern threats before they cause real damage. Otherwise, leaks that include sensitive data from hundreds of millions of people and companies will continue to happen.
