Dell has alerted its customers about a potential data breach after reports surfaced of a threat actor claiming to have accessed information for around 49 million customers.
The computer manufacturer initiated email notifications to affected customers, informing them that a Dell portal containing customer data linked to purchases had been compromised.
"We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell," stated a Dell data breach notification shared with the media. "We believe there is not a significant risk to our customers given the type of information involved."
According to Dell, the following details were accessed during the breach: names, physical addresses, Dell hardware and order information (including service tags, item descriptions, order dates, and warranty information).
The company emphasized that the stolen information did not include financial data, email addresses, or telephone numbers. Dell is collaborating with law enforcement and a third-party forensics firm to probe the incident.
Despite being contacted for more details, Dell declined to disclose the extent of the breach during their ongoing investigation.
The breach was first reported when a threat actor named Menelik attempted to sell a purported Dell database on a hacking forum on April 28th. Menelik claimed to have obtained data for "49 million customers and other information systems purchased from Dell between 2017-2024."
While it hasn't been confirmed if this data aligns with what Dell disclosed, it corresponds with the information outlined in the breach notification.
The post on the Breach Forums has since been removed, suggesting that another threat actor may have acquired the database.
Dell maintains that the compromised information poses no significant risk to customers. However, it could potentially be exploited in targeted attacks against Dell customers.
With the stolen data not including email addresses, threat actors might resort to physical mailings with phishing links or media containing malware to target specific individuals.
Given these risks, recipients are advised to exercise caution regarding any emails or physical mailings purporting to be from Dell, especially if they prompt actions like software installations or password changes. Instead, customers should verify the legitimacy of such communications directly with Dell.
As the database is no longer up for sale, there's a likelihood that threat actors may seek to exploit it through various means. Vigilance and proactive measures are encouraged to mitigate potential risks associated with this breach.
