Dell Under Scrutiny After 1.3 TB Of Internal Data Leaked

A newly rebranded cybercriminal group called World Leaks, formerly known as Hunters International, has claimed responsibility for leaking 1.3 terabytes of internal data allegedly stolen from Dell Technologies, according to Hack Read reporter Waquas.

The data dump, released via the group’s dark web leak site on July 21, 2025, includes more than 416,000 files.

While Dell confirmed unauthorized access to an internal data environment used for product testing, the company maintains that no customer data or critical infrastructure was affected.

The breach raises fresh concerns about data exfiltration tactics that don’t rely on ransomware encryption.

Hunters International operated as a ransomware gang, using file encryption as part of its extortion model. However, it recently rebranded as World Leaks and shifted focus to data theft without encryption.

The gang now uses an advanced exfiltration tool to automatically extract sensitive data, leveraging public exposure threats to extort victims. This strategic pivot likely reflects mounting pressure from global law enforcement and the decreasing effectiveness of ransomware monetization.

World Leaks claims the leaked data includes internal folders, infrastructure scripts, software tools, and employee directories from Dell’s operations across the Americas, Europe, and Asia-Pacific.

References to Dell technologies such as PowerPath, PowerStore, and VMware tools appear frequently in the file paths to support the authenticity of the data.

Dell responded by acknowledging that an unauthorized party accessed its isolated “Solution Center” and stressed that the exposed data was synthetic, public, or tied to internal testing.

This follows a series of past Dell-related breaches, including incidents in May and September 2024 involving customer and employee data.

Legal teams advising clients in cybersecurity and data privacy should note the shift to pure data extortion tactics. Even internal, non-customer systems can be lucrative targets.

Clients should reassess segmentation strategies, internal testing environments, and incident disclosure protocols. Counsel must stay current on the regulatory implications of “non-breach” data exposures as threat actors increasingly exploit gray areas in data classification and reporting.