A serious breach of customer information – including names, postal addresses, hardware, order information and servicing history – is developing at Dell, after a database containing 49 million records was offered for sale on the dark web’s Breach Forums site by a user going by the handle, “menelik”.
The first indications of a data breach were reported on Monday 29 April, with the majority of the customers affected supposedly from the US, Australia, Canada, China and India. It’s unclear how many victims may be located in the UK. According to Bleeping Computer, as of Thursday 9 May, the post had been removed from Breach Forums, suggesting the dataset may have been successfully sold on.
In a letter sent to affected customers – a copy of which has been reviewed for this article – Dell said it was investigating an incident involving a Dell portal, but at the time of writing, it believes that based on the information involved, the risk to customers is not significant, since it doesn’t include financial or payment information, email addresses, or phone numbers.
“Upon identifying the incident, we promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement,” Dell said in the notification. “We have also engaged a third-party forensics firm to investigate this incident. We will continue to monitor the situation.”
Nevertheless, the PC manufacturer is directing users to its own resources on how to avoid falling victim to follow-on scams and fraud attempts – notably tech support phone scams – and is encouraging anybody who notices suspicious activity related to their Dell accounts or purchases to reach out to a reporting inbox at [email protected].
Dell has not provided any additional information to what it shared with customers, beyond a brief media statement to confirm the basic facts of the incident.
Mike Matchett, analyst and founder at Small World Big Data, a Boston-based data services consultancy, told TechTarget Editorial in the US that the fact Dell had had such a large dataset held in a vulnerable portal was a major oversight. “It’s extremely poor front-door security from a vendor who should know better,” he said.
Meanwhile, at the end of April, the wider Dell organisation expanded its data protection portfolio of appliances, software and as-a-service offerings to help enterprise customers improve their resiliency to increasing volumes of cyber attacks.
The advances reflect concerns raised in a recent Dell customer survey that found 75% of organisations thought their existing data protection measures weren’t up to the job, and 70% lacked confidence they could recover from a cyber attack.
Some of the new introductions include new, more secure PowerProtect appliances; an integrated generative artificial intelligence assistant in Apex Backup Services to help guide users through these processes; and a new Storage Direct Protection service in PowerProtect Data Manager, to offer native integration with its PowerMax enterprise storage lines for faster and more secure backup and recovery.