May 10, 2024 12:04:00

Dell reveals that a database containing addresses, names, etc. was illegally accessed, with the number of victims estimated at up to 49 million

Dell has sent out an email warning customers after it discovered a database containing names, addresses, Dell hardware and order information had been accessed by an unauthorized outside source.

Dell warns of data breach, 49 million customers allegedly affected

https://www.bleepingcomputer.com/news/security/dell-warns-of-data-breach-49-million-customers-allegedly-affected/

Threat Actor Claims Sale of Dell Database Containing 49 Million Customer Records - Daily Dark Web
https://dailydarkweb.net/threat-actor-claims-sale-of-dell-database-containing-49-million-customer-records/

According to Dell's investigation, an incident occurred involving the 'Dell Portal,' which contains a database containing customer information, resulting in unauthorized access to customer information. Dell has already responded to the incident and notified law enforcement authorities.

Regarding this incident, Dell has sent warning emails to users around the world, including Japan. In the email, the company said, 'Considering the type of information contained in this (database), we do not believe there is any significant risk to customers from this incident,' and 'The information affected does not include financial or payment information, email addresses, phone numbers, or other sensitive customer information.'

I received this email from Dell. I wondered what an incident was, but it's just a data leak, right?
I searched for X to find out how serious the situation is. I don't really understand it from the email alone. #Dell pic.twitter.com/Ks1wNe5pLN

— Aokuro𝕏 (AoQloG - Res) (@AoQloG) May 10, 2024

BleepingComputer contacted Dell for more details and the number of people affected, but was told that they 'don't disclose specific information.'

In this case, someone on a hacking forum has claimed to be selling a database containing personal information on 49 million Dell customers.

The individual claims that the database contains personal and corporate information, such as names, addresses, order numbers and serial numbers of products ordered by customers, and that this information is up-to-date and stored on Dell's servers. The individual also claims that he is the only person with this information.

The database has since been removed from the forum, and BleepingComputer noted that it may have been purchased by someone else.