MAC address on Network - "null" manufacturer ID

My Peplink Balance 200 works great. Recently, I found a device on the network that I do not recognize. While we have guests using the network at this time the device was not on the guest VLAN but the internal user VLAN. The name and MAC address were blank in the Client List report. There is no report of this device connected via WiFi so it must be on one of the ethernet ports in my switch setup.

I was able to get a MAC address, which started with prefix 3A:9D:82. The router reports the vender ID as “null” and I cannot find any manufacturer with this MAC address prefix.

I’ve sent up “deny” rules for this MAC address (outbound and internal firewalls) as a precaution.

The mystery here is why the device has a MAC address not linked to any manufacturer. What might explain this? Are there other actions I should take?

people can pick whatever mac address they’d like on many devices

denying a mac address is not good security

you should try to figure out what device it was or how it was connected

Thanks. Yes, of course, I’ll try to locate the actual device but this may have to wait until I am onsite. Meanwhile, the steps taken will (1) reduce the potential damage and (2) may cause the user or device to start complaining about lack of internet access, thus simplifying the search problem.