Dell admits to data breach: sensitive user data in peril

The American technology giant has notified some of its customers about a data breach that involved sensitive data, including users’ physical addresses.

Dell Technologies says that it’s currently investigating an incident “involving a Dell portal,” which contains a database with customer information related to purchases.

“We believe there is not a significant risk to our customers given the type of information involved,” the company said.

It hasn’t shared the information about the incident publicly, and we’re basing this report on a notification email that’s currently doing the rounds on social media. We’ve reached out to the company to verify the legitimacy of this email.

“Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. Our investigation is supported by external forensic specialists. We continue to monitor the situation and take steps to protect our customers’ information. Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate,” Dell Media Relations Team said in an email to Cybernews.

Details are scarce as the investigation is still ongoing. For now, the company insists “there is significant risk given the limited information impacted.”

As per the notification letter, the breach involves the following information:

  • Name
  • Physical address
  • Dell hardware and order information, including service tag, item description, date of order and related warranty information

It didn’t involve payment information, email address or telephone number, and what Dell considers to be “highly sensitive customer information.”

The company has chosen not to disclose the number of the affected people and the nature of the incident believing it “could compromise the integrity of our ongoing investigation or any investigations by law enforcement.”

Dell Data Breach?
byu/packetintransit inDell

Never underestimate a breach

As per Dirk Schrader, VP of Security Research, at Netwrix, one should never underestimate the consequences of the breach as any breached data would likely be leveraged further, resulting in mass phishing campaigns.

“Cybercrime groups have a history of exploiting known pieces of information to lend credibility to a crafted message and lure a victim into providing more information or valid credentials. As users still tend to reuse passwords across different platforms, one compromised account may open the door to many other accounts with sensitive information and credit card details,” Schrader said.

Therefore, users should always be cautious about incoming messages and even printed letters delivered by post with a QR code.

“To protect sensitive accounts, users should consider leveraging password managers and turning on multi-factor authentication where possible. For businesses of any size, employing an identity threat detection and response solution is a must to spot any abnormal activity in a timely manner and respond to the threat quickly before any serious damage occurs,” he added.

More from Cybernews:

Teardown of Huawei's new flagships points to progress China has made

Amazon launches its Bedrock Studio preview

Everyone's mad at Apple iPad's ad

Samsung unveils 114-inch TV for $130,000 and also comes with a smaller TV

Neuralink’s brain implant runs into problems, but patient is safe

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked