Technology
Leave a comment

Dell warns 49 million customers about massive data breach

Dell warns 49 million customers about massive data breach


Dell has warned customers of a massive data breach following a hacker’s claims they accessed information belonging to roughly 49 million customers.

The U.S. computer manufacturer has started distributing data breach notifications to customers impacted by the incident, detailing how an attacker gained unauthorized entry to an online portal that housed customer purchase information on its website.

The email seen by ReadWrite stated, “We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell.”

Dell data breach email states: Hello,Dell Technologies takes the privacy and confidentiality of your information seriously. We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell. We believe there is not a significant risk to our customers given the type of information involved. What data was accessed? At this time, our investigation indicates limited types of customer information was accessed, including: Name Physical address Dell hardware and order information, including service tag, item description, date of order and related warranty information The information involved does not include financial or payment information, email address, telephone number or any highly sensitive customer information. What is Dell doing? Upon identifying the incident, we promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement. We have also engaged a third-party forensics firm to investigate this incident. We will continue to monitor the situation. What can I do? Our investigation indicates your information was accessed during this incident, but we do not believe there is significant risk given the limited information impacted. However, you should always keep in mind these tips to help avoid tech support phone scams. If you notice any suspicious activity related to your Dell accounts or purchases, please immediately report concerns to security@dell.com.
Dell states that the breach is not a “significant risk to our customers”

According to Dell’s data breach notification, it seems that the attack resulted in the theft of personal information only, without compromising any financial data. The information stolen includes names, physical addresses, as well as hardware and order details from its systems.

The company stated that it “promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement.” It added that a third-party forensics firm has been engaged to investigate the matter and that it would continue to monitor the situation closely.

“We believe there is not a significant risk to our customers given the type of information involved,” Dell wrote in the email.

Reported sale of Dell database

In April, Daily Dark Web reported a major security breach, with a threat actor claiming to sell a database allegedly holding 49 million customer records from Dell. The supposed data includes details about systems purchased from Dell between 2017 and 2024, forming a comprehensive repository of customer information.

The data claimed to be from current and sourced from Dell servers, includes critical personal and corporate information such as full names, addresses, cities, provinces, postal codes, countries, unique 7-digit service tags, system shipment dates, warranty plans, serial numbers for monitors, Dell customer numbers, and Dell order numbers.

The threat actor alleges to have exclusive access to this data, which contains a large trove of information. Of the records, approximately 7 million relate to individual/personal purchases, and 11 million are linked to consumer segment companies, with the rest involving enterprises, partners, schools, or unidentified entities.

In addition, the threat actor points out that the most affected countries are the United States, China, India, Australia, and Canada.

ReadWrite reached out to Dell for comment, who responded: “We are not disclosing this specific information from our ongoing investigation.”

Featured image: Canva / Ideogram



Source link

Leave a Reply