Ransomware

Dell Data Breach: 49M Customers Data Posted On Dark Web

Dell confirmed a affecting its customers non-financial data after a claimed and put for sale a of 49 million customer purchase records

by Mihir Bagwe May 10, 2024 in Cybersecurity News, News, Threat Actors Reading Time: 3 mins read 0

585 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

Dell has issued a warning to its customers regarding a data breach following claims by a threat actor of pilfering information for roughly 49 million customers.

In an email sent to customers, the computer manufacturer disclosed that a Dell portal containing customer data associated with purchases had been compromised.

“We are presently investigating an incident involving a Dell portal, housing a database containing limited types of customer information linked to Dell purchases,” stated a notification.

Dell clarified that the accessed information encompassed:

  • Names
  • Physical addresses
  • Dell hardware and order details, comprising service tags, item descriptions, order dates, and relevant warranty information

The company said the stolen data did not encompass financial or payment data, email addresses or phone numbers. Dell assured customers that they are collaborating with law enforcement and a third-party forensics firm to probe the matter.

Dell data breach notification

Dell Technologies is a publicly traded company that operates in 180 countries and is headquartered in Round Rock, Texas. Dell is the third-largest personal computer vendor in the world by unit sales, behind Lenovo and HP and serves more than 10 million small and medium-sized businesses and receives 500 million annual eCommerce visits.

The tech giant generated a revenue of $102.3 billion in 2023 and has over 500,000 commercial customers and 2,500 enterprise accounts.

Dell is ranked 31st on the Fortune 500 list in 2022 and is also the sixth-largest company in Texas by total revenue, according to Fortune magazine.

Dell Data Breach Set Appeared on Dark Web

Despite Dell's reassurances, the breach data was purportedly put up for sale on an underground hacker forum by a threat actor named “Menelik” on April 28.

The threat actor claimed this data set contained an up-to-date details of registered Dell servers including vital personal and company information such as full names, addresses, cities, provinces, postal codes, countries, unique 7-digit service tags of systems, system shipment dates (warranty start), warranty plans, serial numbers (for monitors), Dell customer numbers and Dell order numbers.

The threat actor asserted that he was the sole possessor of this data that entailed approximately 7 million records of individual/personal purchases, while 11 million belong to consumer segment companies. The remaining data pertained to enterprise, partners, schools or unidentified entities.

The threat actor also highlighted the top five countries with the most systems represented in the database, which included the United States, China, India, Australia and Canada.

The data, claimed to be sourced from Dell and containing 49 million customers and other systems details between 2017 and 2024, aligned with the details outlined in Dell's breach notification.

However, The Cyber Express could not confirm if the two data sets are the same as Dell did not immediately respond to our request for confirmation.

Although the sale of the database appears to have ceased, the possibility of further exploitation remains. Although Dell refrained from disclosing the specific impact of the breach, it remains vigilant about potential risks associated with the stolen information. While the compromised data lacks email addresses, threat actors could exploit it for targeted phishing and smishing attacks against Dell customers.

They could contact Dell customers as fake customer service executives and lead them into downloading malware or infostealers as is seen in many previous campaigns.

Dell advises customers to exercise caution regarding any communications purportedly from Dell, especially those urging software installations, password changes or other risky actions and encourages customers to verify the legitimacy of such communications directly with Dell.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button