Dell Technologies has sent out emails to its customers, warning them of a data breach that potentially exposed the information of approximately 49 million customers.
The emails come days after a threat actor called Menelik claimed the breach on BreachForums and offered to sell “data for 49 million customers and other information systems purchased from Dell between 2017-2024.”
“We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell,” Dell said in the email.
The type of information stolen is believed to include name, physical address, and purchase order details.
No sensitive information breached
On April 28, Menelik listed stolen data from Dell on BreachForum that included customer information with non-financial fields such as City, Full Name, Address, Province, Postal Code, Warranty plan, Company name, Dell Order Number, Dell customer Number, System shipped date (order date), and Unique 7-digit service tag of the system.
“The information involved does not include financial or payment information, email address, telephone number or any highly sensitive customer information,” Dell said.
Although harmless from an adversary point of view, the stolen data could be used for profiling by marketing companies and competitors, or in phishing campaigns.
“We do not believe there is significant risk given the limited information impacted,” the company added.
Additional breached data
In the BreachForum claim, the threat actor disclosed that stolen data consists of “about 7 million rows of individual/personal purchase data”, with 11 million rows of consumer segment company data.
Additionally, the database contains entries from enterprise clients, partners, educational, institutions, and other entries. The hacker also specified that the data is up for sale to a single buyer for an undisclosed amount.
There were implications in the post that the data might also consist of some sensitive information. “I don’t have email/phone for this 49 million but I do have email & phone number of some several thousand other customers. All recent,” the hacker had added.
The threat actor had also shared the top five countries with systems in the leaked database — the US, China, India, Australia, and Canada.
A Dell investigation is underway while the customers await further details on the breach. “Upon identifying the incident, we promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement,” the company said in the email. “We have also engaged a third-party forensics firm to investigate this incident.” In addition, the company is advising customers to be wary of tech support phone scams that could involve exploiting the stolen data.