Dell has issued a warning to its customers regarding a data breach following claims by a threat actor of pilfering information for roughly 49 million customers.
In an email sent to customers, the computer manufacturer disclosed that a Dell portal containing customer data associated with purchases had been compromised.
“We are presently investigating an incident involving a Dell portal, housing a database containing limited types of customer information linked to Dell purchases,” stated a Dell data breach notification.
Dell clarified that the accessed information encompassed:
- Names
- Physical addresses
- Dell hardware and order details, comprising service tags, item descriptions, order dates, and relevant warranty information
The company said the stolen data did not encompass financial or payment data, email addresses or phone numbers. Dell assured customers that they are collaborating with law enforcement and a third-party forensics firm to probe the matter.
Dell Technologies is a publicly traded company that operates in 180 countries and is headquartered in Round Rock, Texas. Dell is the third-largest personal computer vendor in the world by unit sales, behind Lenovo and HP and serves more than 10 million small and medium-sized businesses and receives 500 million annual eCommerce visits.
The tech giant generated a revenue of $102.3 billion in 2023 and has over 500,000 commercial customers and 2,500 enterprise accounts.
Dell Data Breach Set Appeared on Dark Web
Despite Dell’s reassurances, the breach data was purportedly put up for sale on an underground hacker forum by a threat actor named “Menelik” on April 28.
The threat actor claimed this data set contained an up-to-date details of registered Dell servers including vital personal and company information such as full names, addresses, cities, provinces, postal codes, countries, unique 7-digit service tags of systems, system shipment dates (warranty start), warranty plans, serial numbers (for monitors), Dell customer numbers and Dell order numbers.
The threat actor asserted that he was the sole possessor of this data that entailed approximately 7 million records of individual/personal purchases, while 11 million belong to consumer segment companies. The remaining data pertained to enterprise, partners, schools or unidentified entities.
The threat actor also highlighted the top five countries with the most systems represented in the database, which included the United States, China, India, Australia and Canada.
The data, claimed to be sourced from Dell and containing 49 million customers and other systems details between 2017 and 2024, aligned with the details outlined in Dell’s breach notification.
However, The Cyber Express could not confirm if the two data sets are the same as Dell did not immediately respond to our request for confirmation.
Although the sale of the database appears to have ceased, the possibility of further exploitation remains. Although Dell refrained from disclosing the specific impact of the breach, it remains vigilant about potential risks associated with the stolen information. While the compromised data lacks email addresses, threat actors could exploit it for targeted phishing and smishing attacks against Dell customers.
They could contact Dell customers as fake customer service executives and lead them into downloading malware or infostealers as is seen in many previous campaigns.
Dell advises customers to exercise caution regarding any communications purportedly from Dell, especially those urging software installations, password changes or other risky actions and encourages customers to verify the legitimacy of such communications directly with Dell.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
