- Popular technology company Dell has admitted that a security breach compromised the data of 49 million users.
- Stolen information includes names, addresses, and order details. Fortunately, no financial data was stolen.
- The investigation is still ongoing, and although there are suspects, no formal arrests have been made. We encourage our customers to be alert and aware of any suspicious phone calls or emails.
Data belonging to over 49 million Dell users was stolen in a recent cyberattack against the company. The stolen data includes the user's name, address, Dell device details, and order information, such as service tag, order date, and warranty information.
The attack came to light when the hacker responsible for the breach posted about the incident on the dark web. More on this later. Dell has already begun warning affected users. The notice said:
“We are currently investigating an incident related to the Dell Portal, which contains a database containing limited types of customer information related to purchases from Dell.”
The company also added that, considering the types of information stolen, there is no significant risk to affected users. However, while financial fraud is out of the question, the risk of phishing and malware attacks still remains.
This is because attackers have your contact information and can easily use it to send malicious emails or trick you into clicking malicious links or files.
What do we know about the Dell cyber attack?
The attack began sometime in 2022 and lasted several months. The attack was discovered in early 2023. Dell then alerted law enforcement, who are currently investigating the matter.
A third-party forensic firm has also been hired to investigate. However, it is still unclear whether it was a ransomware attack or a simple data extortion.
There is also no formal evidence against the attacker at the time of writing. However, on April 28, a hacker named “Menelik” posted on the dark web that he had data of 49 million users who purchased products from Dell between 2017 and 2024.
A short time later, the post was deleted. This usually happens when someone purchases data.
Note: It is not confirmed whether the above post refers to the same attack. However, the description is a complete match, so we believe this is a valid assumption at this time.
If that is the case, and someone actually purchased the stolen database, we recommend that all affected users be a little more careful over the next few days. Do not share personal information with anyone, even if they claim to be a Dell employee. Also, don't open emails or texts from senders you don't know.
I say this because a similar tactic, impersonating an agent of the company, was used in the LastPass phishing scam and in March when Apple users were spammed with unsolicited password reset requests.
What are industry experts saying about this breach?
The attack on Dell drew widespread criticism. For example, Richard Hulme, a senior attorney at Clark Hill, said it was alarming that it took so long for such a large company to discover the attack.
Steven Aiello, Field CISO at AHEAD, had similar sentiments. He further added that the dwell time of ransomware activities is decreasing worldwide, so it is concerning that the breach lasted this long. That may suggest the perpetrator was after something more valuable.
Several experts also disagreed with Dell's statement that the data breach was not a major concern because no financial data was compromised.
For example, Sarah Jones, Cyber Threat Intelligence Research Analyst at Critical Start, says stolen personal information can be used in phishing campaigns, which could compromise the financial information of affected users. Simply put, financial fraud can still occur in one form or another.
The ultimate fate of the affected users will depend on how the investigation progresses. For now, however, users should remain vigilant and report any suspicious activity they notice immediately.