Threat Alert: 49 Million Dell Breach Victims 

breachthreat alert
Written By Ceri Maund

Dell has begun the process of sending breach notification emails to approximately 49 million customers, whose data has been compromised in a recent cyber-attack. The email to customers came days after a threat actor called Menelik claimed the breach on BreachForums and offered to sell “data for 49 million customers and other information systems purchased from Dell between 2017-2024.” The thread was quickly deleted, which usually happens if someone buys the database. 

 A Dell data breach notification shared with BleepingComputer stated: “We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell. We believe there is not a significant risk to our customers given the type of information involved."  

 

Customers affected by this incident will receive an email similar to the below stating that names, physical addresses and Dell hardware and order information including: service tag, item description, date of order, and related warranty information, were accessed by the threat actor during the breach. 

Dell believes that the threat to its customers is relatively low as no financial or payment data, email addresses, or phone numbers were compromised in this incident. Nonetheless, the potential for phishing, malware, or ransomware attacks remains, as threat actors could craft personalised communications with removable drives containing malicious code, a tactic employed previously by threat actors.  

By using the service tag, threat actors can also search what type of device you have which allows for increased personalisation to attacks. This is demonstrated below.

Remain Vigilant 

As the information looks likely to be already acquired by malicious actors, if you are a Dell customer who purchased hardware between 2017 and 2024, please be wary of any communication claiming to be from Dell. By using the service tag, threat actors can search what type of device you have which allows for increased personalisation to attacks. If you receive an email or physical mailing, you should instead contact Dell directly to confirm it is legitimate. 

 

If you have concerns or queries please contact the PureCyber team on info@purecyber.com 

 

Ceri Maund
Previous

Is Your Software Supply Chain Your Biggest Cyber Risk?

Next

Sports & Stadium Cyber Security: Implications of Martyn’s Law