Computer maker Dell faced a huge security challenge after a cyberattack stole information for approximately 49 million customers.
Dell confirmed that the type of information stolen includes people’s names, postal addresses, and Dell hardware and order information, such as service tags, item descriptions, order dates and different warranty information.
Menelik, the threat actor behind the attack, openly told told TechCrunch how he extracted such a huge amount of data from Dell without being detected.
CLICK HERE TO GET KURT’S FREE NEWSLETTER, THE CYBERGUY REPORT
Menelik set up several partner accounts within the Dell company portal which, when approved, allowed the hacker to use a brute-force attack to access customer data. A brute-force attack consists of an attacker submitting many passwords or passphrases hoping to eventually guess correctly.
The hacker sent more than 5,000 requests per minute to the page for nearly three weeks, and Dell did not notice anything. After sending nearly 50 million requests and scraping enough data, Menelik sent multiple emails to Dell, notifying the company of the vulnerability. It took Dell nearly a week to patch it all up, according to the hacker. Dell confirmed to TechCrunch that it received the hacker's email notification of the vulnerability.
MASSIVE FREE VPN DATA BREACH EXPOSES 360 MILLION RECORDS
Dell sits as the No. 3 PC vendor in the world behind Lenovo and HP, and the affected accounts represent a small fraction of its user base. The company communicated this statement to affected users:
"We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell. We believe there is not a significant risk to our customers given the type of information involved."
We reached out to Dell and a representative for the company provided us with this statement:
GET SECURITY ALERTS, EXPERT TIPS — SIGN UP FOR KURT’S NEWSLETTER — THE CYBERGUY REPORT HERE
"Dell Technologies has a cybersecurity program designed to limit risk to our environments, including those used by our customers and partners. Our program includes prompt assessment and response to identified threats and risks. We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address, and certain Dell hardware and order information. It did not include financial or payment information, email address, telephone number or any highly sensitive customer data.
"Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. Our investigation is supported by external forensic specialists. We continue to monitor the situation and take steps to protect our customers’ information. Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate."
WHAT A MASSIVE HEALTHCARE CYBERATTACK AT ASCENSION MEANS FOR YOUR PRIVACY AND SECURITY
There’s no immediate aftermath of this data leak. Dell believes the risk to its customers is not significant since financial and payment information, email addresses and phone numbers were not stolen in this attack. However, the risk of phishing or even major malware and ransomware attacks still exists. The threat actors might try sending personalized letters with infected drives, a tactic seen before.
ASK OUR TECH EXPERT ANY QUESTION, AND GET KURT’S FREE CYBERGUY REPORT NEWSLETTER HERE
There's a good chance this data leak has already been sold on the dark web. The hacker posted the information for sale on the dark web and then took it down quickly, which often happens when someone buys the whole database. If you're a Dell customer who bought hardware between 2017 and 2024, be very careful about any messages you get in the mail claiming to be from Dell, especially if they ask for personal information.
OVER HALF A MILLION ROKU ACCOUNTS COMPROMISED IN SECOND CYBER SECURITY BREACH
GET FOX BUSINESS ON THE GO BY CLICKING HERE
In the wake of the cyberattack on Dell, consider taking several proactive steps to protect your personal information:
1. Change your passwords: Although Dell says your personal details like phone number and email address haven’t been leaked, it’s still advisable to change the password of your Dell account if you have one. Consider using a password manager to generate and store complex passwords.
2. Avoid tech support phone scams: Since the hackers have your data, they may try to get in touch with you, posing as a Dell employee. Always verify if the tech support person you’re talking to actually works for Dell. Be skeptical about all unsolicited phone calls, and don’t provide any personal information.
3. Be wary of mailbox communications: Bad actors may also try to scam you through snail mail. The data leak gives them access to your address. They may impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions and security alerts.
4. Report any suspicious activity: If you notice any suspicious activity related to your Dell accounts or purchases, report them to security@dell.com. This may include unauthorized purchases, unusual login attempts, or changes in account information.
QUICK TIPS. EXPERT INSIGHTS. CLICK TO GET THE FREE CYBERGUY REPORT NEWSLETTER
5. Monitor your accounts and transactions
You should check your online accounts and transactions regularly for any suspicious or unauthorized activity. If you notice anything unusual, report it to the service provider or the authorities as soon as possible. You should also review your credit reports and scores to see if there are any signs of identity theft or fraud.
6. Use identity theft protection
Identity Theft protection companies can monitor personal information like your home title, Social Security Number (SSN), phone number and email address and alert you if it is being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.
7. Invest in personal data removal services: While no service guarantees complete data removal from the internet, utilizing a removal service can be beneficial for those seeking to monitor and automate the deletion of their personal information from numerous sites over time. Check out my top recommendations for removal services here.
Dell’s recent data leak highlights the lapse in the computer maker’s security infrastructure. The attackers being inside the network for an extended period is especially troubling. Given Dell's role in providing hardware and software solutions, including backup and recovery tools, for critical infrastructure, a thorough investigation into its code and supply chain for signs of tampering is crucial. Dell is working with law enforcement and third-party security experts to investigate the incident, so that’s a step in the right direction.
Have you adjusted your online behavior or preferences due to concerns about data privacy and security breaches? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you'd like us to cover.
Follow Kurt on Facebook, YouTube and Instagram
Answers to the most-asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
