Tuesday, October 15, 2024
HomeCyber Security NewsDell Hack: Attacker Steals Customer Phone Numbers & Service Reports

Dell Hack: Attacker Steals Customer Phone Numbers & Service Reports

Published on

Malware protection

In a concerning development for Dell Technologies, a threat actor known as Menelik has reportedly accessed and scraped sensitive customer data from a Dell support portal.

This latest security breach, which follows a previous incident involving the theft of physical addresses of 49 million Dell customers, now includes the theft of names, phone numbers, and email addresses.

According to a report by TechCrunch, the compromised data was extracted from customer service reports which also contained details about replacement hardware, parts, and comments from on-site engineers.

- Advertisement - SIEM as a Service

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers

These reports are highly sensitive as they include dispatch numbers and, in some instances, diagnostic logs directly uploaded from customers’ computers.

The newly compromised data includes:

  • Names, phone numbers, and email addresses of Dell customers
  • Customer “service reports” containing:
  • Information on replacement hardware and parts
  • Comments from on-site engineers
  • Dispatch numbers
  • Diagnostic logs uploaded from customers’ computers
  • Photos taken by customers and uploaded to Dell for technical support, some containing GPS metadata

The breach was further compounded by the discovery that some of the service reports included photographs taken by customers, which were uploaded as part of their technical support requests.

Alarmingly, these images contained metadata that revealed the GPS coordinates of the locations where the photos were taken, posing a significant privacy risk.

TechCrunch has verified the authenticity of the stolen data, which paints a grim picture of Dell’s cybersecurity measures.

The initial response from Dell to the first breach was to downplay the severity, stating that the leaked customer addresses did not pose “a significant risk to our customers” and claimed that no highly sensitive information was compromised.

However, this latest incident contradicts those assurances, as it involved detailed customer information.

The hacker, Menelik, exploited another vulnerability in a different Dell portal to carry out this recent data scrape.

He was able to register multiple accounts as a “partner” on the Dell portal, which typically serves companies that resell Dell products or services. Once approved, Menelik used these accounts to brute-force customer service tags to access the data.

Menelik has communicated to TechCrunch that he has no immediate plans to use the stolen data but is waiting to see how Dell responds to the breach. Meanwhile, Dell has not yet responded to requests for comment on this latest security lapse.

This incident raises serious questions about Dell’s data security practices and the measures it takes to protect customer information.

It also highlights the ongoing challenges that large corporations face in safeguarding against determined and sophisticated cyber attackers.

On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details

Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on...

CoreWarrior Malware Attacking Windows Machines From Dozens Of IP Address

Researchers recently analyzed a CoreWarrior malware sample, which spreads aggressively by creating numerous copies...

TrickMo Malware Targets Android Devices to Steal Unlock Patterns and PINs

The recent discovery of the TrickMo Banking Trojan variant by Cleafy has prompted further...

pac4j Java Framework Vulnerable to RCE Attacks

A critical security vulnerability has been discovered in the popular Java framework pac4j. The...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details

Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on...

CoreWarrior Malware Attacking Windows Machines From Dozens Of IP Address

Researchers recently analyzed a CoreWarrior malware sample, which spreads aggressively by creating numerous copies...

TrickMo Malware Targets Android Devices to Steal Unlock Patterns and PINs

The recent discovery of the TrickMo Banking Trojan variant by Cleafy has prompted further...