Cyber Security Alert: Dell Data Breach

Monday 13th May 2024

Author: Daniela Miccardi, Cyber Security Marketing Manager

Summary:

Dell has begun sending breach notification emails to some 49 million people whose data was stolen in a recent cyberattack. The information involved includes people’s names, postal addresses, and Dell hardware and order information, such as service tags, item descriptions, order dates, and various warranty information. The information does NOT include sensitive customer information, like financial information, phone numbers or email addresses.

Among the staggering number of records, approximately 7 million rows pertain to individual/personal purchases, while 11 million belong to consumer segment companies. The remaining data pertains to enterprise, partner, schools, or unidentified entities. Furthermore, the threat actor highlights the top five countries with the most systems represented in the database, including the United States, China, India, Australia, and Canada. 

Dell is currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell. 

The company believes the risk to its customers is not significant since financial and payment information, email addresses, and phone numbers were not stolen in this attack. However, the risk of phishing or even major malware and ransomware attacks still exists, since threat actors can send out personalised letters with removable drives and deploy malicious code using the information stolen. 

A cybercriminal with the alias Menelik posted a new thread on a dark web forum, advertising a Dell database fitting the company’s description. 

Dell is working with law enforcement and a third-party forensics firm to investigate the incident. 

Analyst Assessment:

Both the impact of this incident and the serious risk it poses to organisations are assessed to be low. However, if the hacker is to be believed, he sent 5,000 requests per minute to a page containing the target information, for 3 weeks, resulting in 49 million customer records being leaked. He did this by registering on the Dell portal as a partner, with several different names, enabling him to brute-force customer service tags.

Although the UK is not mentioned as being among the top 5 countries from which data was leaked, it is still likely that customer data from the UK has been affected.
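The pattern described in the assessment (an authenticated partner account requesting a large number of different service tags at a sustained rate) is something a portal operator can detect from its own access logs. The following is an added example, not code from Dell or from the original alert; the log format, account names and thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Assumed thresholds (tune per portal); not values taken from the incident.
MAX_LOOKUPS_PER_MIN = 60     # lookups per account per minute
MIN_NEW_TAG_RATIO = 0.9      # share of lookups hitting a tag this account never queried
MIN_SUSTAINED_MINUTES = 3    # consecutive hot minutes required before alerting


def parse(line):
    """Constructed log format: '<ISO timestamp> <account> <service_tag>'."""
    ts, account, tag = line.split()
    return datetime.fromisoformat(ts).replace(second=0, microsecond=0), account, tag


def find_enumerators(lines):
    """Return {account: minute at which the sustained-enumeration condition was met}."""
    per_minute = defaultdict(lambda: defaultdict(list))  # account -> minute -> tags
    for line in lines:
        minute, account, tag = parse(line)
        per_minute[account][minute].append(tag)

    alerts = {}
    for account, minutes in per_minute.items():
        seen, streak, prev = set(), 0, None
        for minute in sorted(minutes):
            tags = minutes[minute]
            new = set(tags) - seen          # tags this account has not requested before
            seen |= new
            hot = (len(tags) > MAX_LOOKUPS_PER_MIN
                   and len(new) / len(tags) >= MIN_NEW_TAG_RATIO)
            contiguous = prev is not None and (minute - prev).total_seconds() == 60
            streak = (streak + 1 if contiguous else 1) if hot else 0
            prev = minute
            if streak >= MIN_SUSTAINED_MINUTES:
                alerts.setdefault(account, minute)
    return alerts


def sample_log():
    """Constructed data: one busy but legitimate partner, one enumerating account."""
    lines = []
    for m in range(5):
        for i in range(100):   # partner-A keeps re-querying the same 20 tags
            lines.append(f"2024-05-01T10:0{m}:{i % 60:02d} partner-A TAG{i % 20:04d}")
        for i in range(100):   # partner-B requests a fresh tag on every lookup
            lines.append(f"2024-05-01T10:0{m}:{i % 60:02d} partner-B TAG{m * 100 + i:04d}")
    return lines
```

Combining request rate with the share of never-before-seen tags separates a high-volume partner working its own customer base from an account walking the tag space, which a plain rate limit alone would not distinguish.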

