Dell Hacked, 49 Million Users Exposed

Dell Hacked, Sales Data Leaked on the Darknet
Dell confirms the leak published on the Darknet almost two weeks earlier

On Friday, May 10, Dell Technologies released a statement regarding a massive data leak from its internal network. The breach allegedly affects up to 49 million users and contains only a few pieces of personally identifiable information. The hack appears to have been claimed back in late April by a threat actor on a Darknet forum.

Dell Hacked, Leaking User Data

On May 10, Dell released an official statement regarding the data breach and started sending emails to the customers exposed in the leak. More specifically, a server that keeps sales-related information was hit, so it is fairly easy to estimate the types of information that could be exposed. Dell, however, does not keep this secret and openly details exactly what was leaked in those emails.

Example of the email Dell sends to notify users whose data was exposed in the breach

What is disturbing is that the security breach was in fact claimed back on April 28. A user of the Breached forum, Menelik, put the database up for sale, accepting messages from anyone “to discuss use cases and opportunities”. Later, they updated the post to include a screenshot of the official Dell email notification as proof of the leak’s authenticity.

Breached forum post

Aside from confirming the breach, the hacker provides more detail about what was leaked. The forum post says the leak consists mostly of data on large clients, such as enterprises, educational institutions and so on. Customers and customer-oriented retailers account for only 18 million records in the breach. The majority of clients in the leak are from the US, Canada, India and China.

How dangerous is the Dell data leak?

Despite the scale of this data breach, the types of exposed data are not particularly threatening. Passwords and payment information were left untouched, which should be the biggest relief for anyone who receives the notification from Dell.

Still, shipping addresses and full names count as personally identifiable information. These two alone will not cause much trouble, but add another two, and two more from a different company, and the hacker has a full set of data about a person. Be careful about which websites and companies you share your personal information with: as you can see, even big corporations are not invulnerable.

One thing that bothers me here is whether the hack is only about the server that kept the sales data. It is rather common for hackers to sell or share for free less valuable data on the Darknet after ceasing their persistence. More valuable pieces, like login credentials or any keys for further attacks, hackers will keep to themselves – most likely to use in another attack. And it won’t be an easy task to guess which system will be its target.

By Stephanie Adlam

I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.
