On Friday, May 10, Dell Technologies released a statement regarding a massive data leak from their internal network. The breach allegedly affects up to 49 million users and contains only a few pieces of personally identifiable information. It looks like the hack was claimed back in late April by a threat actor on a Darknet forum.
Dell Hacked, Leaking User Data
On May 10, Dell released an official statement regarding the data breach and started sending emails to the customers exposed in the leak. More specifically, a server that keeps sales-related information was hit, so it is fairly easy to estimate the possible types of exposed information. Dell does not keep this secret, though, and openly details in those emails what exactly was leaked.
What is disturbing is that the security breach was in fact claimed back on April 28. A user of the Breached forum, Menelik, put the database up for sale, accepting messages from anyone “to discuss use cases and opportunities”. Later, they updated the post to include a screenshot of the official Dell email notification as proof of the leak’s authenticity.
Aside from confirming the breach, the hacker provides more detail about what was leaked. The forum post says the leak consists mostly of data on large clients, such as enterprises, educational institutions and so on. Customers and customer-oriented retailers account for only 18 million records in the breach. The majority of clients in the leak are from the US, Canada, India and China.
How dangerous is the Dell data leak?
Despite the scale of this data breach, the types of exposed data are not really threatening. Passwords and payment information are left untouched, and this should be the biggest relief for anyone who receives the notification from Dell.
Still, shipping addresses and full names fall under the designation of personally identifiable information. These two alone will not cause much trouble, but add another two, and two more from a different company, and the hacker has a full set of data about the person. Be careful about which websites and companies you share your personal information with: as you can see, even big corporations are not invulnerable.
One thing that bothers me here is whether the hack is only about the server that kept the sales data. It is rather common for hackers to sell or share for free the less valuable data on the Darknet after ceasing their persistence. More valuable pieces, like login credentials or any keys for further attacks, hackers will keep to themselves – most likely to use in another attack. And it won’t be an easy task to guess which system will be its target.