Dell Confirms Breach Exposing 49 Million Users' Addresses

Dell Technologies has reported a data breach impacting approximately 49 million customers, exposing names and physical addresses. This incident has been traced back to unauthorized access of an online portal that stores customer information related to purchases on Dell’s site.

The breach was brought to light on the Daily Dark Web website where it was reported that a hacker known by the alias Menelik had claimed responsibility for the hack on a cybercrime forum. According to Menelik, the data was obtained by creating multiple Dell partner accounts with fake company names. Menelik could then use these accounts to log into a Dell portal. The hacker then reportedly used a program to send thousands of requests to access sensitive customer information per minute. Dell apparently failed to detect the intrusion at this time.

Dell has since stated that it has implemented the necessary incident response measures. The company also engaged with law enforcement and cybersecurity experts to investigate the breach further.

In a data breach notification shared with BleepingComputer, Dell assured its customers that the breach does not pose a significant risk, as the information accessed did not include financial details, email addresses, or phone numbers. The company emphasizes that the stolen data only consists of names, postal addresses, and details related to hardware purchases, such as service tags and warranty information.

The exposure of personal addresses and names, however, raises concerns about the potential misuse of such data, such as targeted phishing attacks. Security experts advise affected customers to be vigilant about any communication claiming to be from Dell or related services, especially if it requests personal information or prompts them to click on suspicious links.