Dell notifies customers about data breach

Dell is warning its customers about a data breach after a cybercriminal offered a 49 million-record database of information about Dell customers on a cybercrime forum.

‍

A cybercriminal called Menelik posted the following message on the “Breach Forums” site:

‍

“The data includes 49 million customer and other information of systems purchased from Dell between 2017-2024.

‍

‍

It is up to date information registered at Dell servers.

‍

Feel free to contact me to discuss use cases and opportunities.

‍

I am the only person who has the data.”

‍

‍

According to Menelik the data includes:

• The full name of the buyer or company name
• Address including postal code and country
• Unique seven digit service tag of the system
• Shipping date of the system
• Warranty plan
• Serial number
• Dell customer number
• Dell order number

‍

Most of the affected systems were sold in the US, China, India, Australia, and Canada.

‍

Users on Reddit reported getting an email from Dell which was apparently sent to customers whose information was accessed during this incident:

‍

“At this time, our investigation indicates limited types of customer information was accessed, including:

• Name
• Physical address
• Dell hardware and order information, including service tag, item description, date of order and related warranty information.

‍

The information involved does not include financial or payment information, email address, telephone number or any highly sensitive customer information.”

‍

Although Dell might be trying to play down the seriousness of the situation by claiming that there is not a significant risk to its customers given the type of information involved, it is reassuring that there were no email addresses included.

Email addresses are a unique identifier that can allow data brokers to merge and enrich their databases.

‍

So, this is another big data breach that leaves us with more questions than answers. We have to be careful that we don’t shrug these data breaches away with comments like “they already know everything there is to know.”

‍

This kind of information is exactly what scammers need in order to impersonate Dell support.

‍

‍

Protecting yourself from a data breach

‍

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

• Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
• Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
• Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
• Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify any contacts using a different communication channel.
• Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
• Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

‍