Computer maker Dell faced a huge security challenge after a cyberattack in which information on approximately 49 million customers was stolen. Dell confirmed that the stolen information includes people’s names, postal addresses, and Dell hardware and order information, such as service tags, item descriptions, order dates, and different warranty information.
What happened: A Breakdown of the incidents
Menelik, the threat actor behind the attack, openly told TechCrunch how he extracted such a huge amount of data from Dell without being detected.
Menelik set up several partner accounts within the Dell company portal which, when approved, allowed the hacker to use a brute-force attack to access customer data. A brute-force attack consists of an attacker submitting many passwords or passphrases hoping to eventually guess correctly.
The hacker sent more than 5,000 requests per minute to the page for nearly 3 weeks, and Dell did not notice anything. After sending nearly 50 million requests and scraping enough data, Menelik sent multiple emails to Dell, notifying the company of the vulnerability. It took Dell nearly a week to patch it all up, according to the hacker. Dell confirmed to TechCrunch that they received the hacker’s email notification of the vulnerability.
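One way to detect the request pattern described above, as an added example that is not from Dell or the original article: it flags any portal account that stays above a per-minute request ceiling for several consecutive minutes while asking for a different record nearly every time. The log format, account names, thresholds, and the assumption that each request names a record key are all constructed for illustration.

```python
from collections import defaultdict

RATE_THRESHOLD = 1000     # assumed per-account ceiling (requests per minute)
SUSTAINED_MINUTES = 5     # consecutive minutes over the ceiling before alerting
DISTINCT_RATIO = 0.9      # share of requests that must hit a different record

def detect_enumeration(lines):
    """Return {account: minute_of_alert} for sustained high-rate lookups.

    Constructed log format: '<epoch_seconds> <account_id> <record_key>'.
    """
    counts = defaultdict(lambda: defaultdict(int))
    keys = defaultdict(lambda: defaultdict(set))
    for line in lines:
        ts, account, key = line.split()
        minute = int(ts) // 60
        counts[account][minute] += 1
        keys[account][minute].add(key)

    alerts = {}
    for account, buckets in counts.items():
        streak, last_hot = 0, None
        for minute in sorted(buckets):
            n = buckets[minute]
            hot = n > RATE_THRESHOLD and len(keys[account][minute]) / n >= DISTINCT_RATIO
            if not hot:
                streak = 0
                continue
            # Extend the streak only if the previous minute was also hot.
            streak = streak + 1 if last_hot == minute - 1 else 1
            last_hot = minute
            if streak >= SUSTAINED_MINUTES:
                alerts[account] = minute
                break
    return alerts

def sample_log():
    """Constructed traffic: a scraper, a normal partner, and a one-minute burst."""
    lines = []
    for minute in range(10):
        base = minute * 60
        # partner-A: 5,000 requests per minute, each for a different record
        lines += [f"{base + i % 60} partner-A rec{minute * 5000 + i}" for i in range(5000)]
        # partner-B: 20 requests per minute against a handful of records
        lines += [f"{base + i} partner-B rec{i % 4}" for i in range(20)]
    # partner-C: a single 3,000-request burst in minute 3, not sustained
    lines += [f"{180 + i % 60} partner-C rec{i}" for i in range(3000)]
    return lines

if __name__ == "__main__":
    print(detect_enumeration(sample_log()))
```

The distinct-record check keeps a busy but legitimate poller that re-reads the same record from raising the alert, and the streak requirement ignores one-off bursts.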
How Dell responded to the data breach
Dell sits as the number three PC vendor in the world following Lenovo and HP, and the affected accounts represent a small fraction of their user base. The company communicated this statement to affected users:
We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell. We believe there is not a significant risk to our customers given the type of information involved.
We reached out to Dell, and a representative for the company provided us with this statement:
Dell Technologies has a cybersecurity program designed to limit risk to our environments, including those used by our customers and partners. Our program includes prompt assessment and response to identified threats and risks. We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address, and certain Dell hardware and order information. It did not include financial or payment information, email address, telephone number or any highly sensitive customer data. Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. Our investigation is supported by external forensic specialists. We continue to monitor the situation and take steps to protect our customers’ information. Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate.
What this means for your privacy and security
There’s no immediate fallout from this data leak. Dell believes the risk to its customers is not significant since financial and payment information, email addresses, and phone numbers were not stolen in this attack. However, the risk of phishing or even major malware and ransomware attacks still exists. The threat actors might try sending personalized letters with infected drives, a tactic seen before.
There’s a good chance this data leak has already been sold on the dark web. The hacker posted the information for sale on the dark web and then took it down quickly, which often happens when someone buys the whole database. If you’re a Dell customer who bought hardware between 2017 and 2024, be very careful about any messages you get in the mail claiming to be from Dell, especially if they ask for personal information.
7 proactive measures to take to protect your data
1) Change your passwords:
2) Avoid tech support phone scams:
3) Be wary of mailbox communications:
4) Report any suspicious activity: If you notice any suspicious activity related to your Dell accounts or purchases, report them to security@dell.com. This may include unauthorized purchases, unusual login attempts, or changes in account information.
5) Monitor your accounts and transactions:
6) Use identity theft protection: Identity theft protection companies can monitor personal information like your home title, Social Security Number (SSN), phone number, and email address and alert you if it is being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
One of the best parts of using Identity Guard is that it includes identity theft insurance of up to 1 million dollars to cover losses and legal fees and a white glove fraud resolution team, where a US-based case manager helps you recover any losses.
7) Invest in personal data removal services:
Kurt’s key takeaways
Have you adjusted your online behavior or preferences due to concerns about data privacy and security breaches? Let us know in the comments below.
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.