In a concerning development for Dell Technologies, a threat actor known as Menelik has reportedly accessed and scraped sensitive customer data from a Dell support portal.
This latest security breach, which follows a previous incident involving the theft of physical addresses of 49 million Dell customers, now includes the theft of names, phone numbers, and email addresses.
According to a report by TechCrunch, the compromised data was extracted from customer service reports which also contained details about replacement hardware, parts, and comments from on-site engineers.
Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers
These reports are highly sensitive as they include dispatch numbers and, in some instances, diagnostic logs directly uploaded from customers’ computers.
The newly compromised data includes:
- Names, phone numbers, and email addresses of Dell customers
- Customer “service reports” containing:
- Information on replacement hardware and parts
- Comments from on-site engineers
- Dispatch numbers
- Diagnostic logs uploaded from customers’ computers
- Photos taken by customers and uploaded to Dell for technical support, some containing GPS metadata
The breach was further compounded by the discovery that some of the service reports included photographs taken by customers, which were uploaded as part of their technical support requests.
Alarmingly, these images contained metadata that revealed the GPS coordinates of the locations where the photos were taken, posing a significant privacy risk.
TechCrunch has verified the authenticity of the stolen data, which paints a grim picture of Dell’s cybersecurity measures.
The initial response from Dell to the first breach was to downplay the severity, stating that the leaked customer addresses did not pose “a significant risk to our customers” and claimed that no highly sensitive information was compromised.
However, this latest incident contradicts those assurances, as it involved detailed customer information.
The hacker, Menelik, exploited another vulnerability in a different Dell portal to carry out this recent data scrape.
He was able to register multiple accounts as a “partner” on the Dell portal, which typically serves companies that resell Dell products or services. Once approved, Menelik used these accounts to brute-force customer service tags to access the data.
Menelik has communicated to TechCrunch that he has no immediate plans to use the stolen data but is waiting to see how Dell responds to the breach. Meanwhile, Dell has not yet responded to requests for comment on this latest security lapse.
This incident raises serious questions about Dell’s data security practices and the measures it takes to protect customer information.
It also highlights the ongoing challenges that large corporations face in safeguarding against determined and sophisticated cyber attackers.
On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free
