Windows PC users in the red! Dell confirms that the names and addresses of 49 million customers were stolen

Popular computer maker Dell has issued a warning to millions of customers after discovering a data breach in its systems. The brand, which specializes in Windows laptops and desktops, has been contacted by hackers who claim to have stolen the names and addresses of around 49 million customers.


After an internal investigation confirmed that its databases had been accessed, Dell sent an email to customers worldwide to alert them to the security breach. Several computer owners have posted screenshots on social media showing a report issued by Dell confirming the incident.

“We are currently investigating an incident involving a Dell portal that contains a database of limited types of customer information related to purchases from Dell,” the computer giant said in a statement. “We believe that given the type of information contained, it does not pose a significant risk to our customers.”

However, Dell confirms that the following information was obtained during the incident:

  • Your name
  • Your physical address
  • Dell hardware and ordering information
  • A description of any items you have purchased directly from Dell
  • Dates of your orders
  • Warranty information for your Dell devices

Dell has not confirmed whether the incident was caused by an inadvertent error or whether its system was breached by hackers. However, a security blog This was reported by BleepingComputer that an individual was caught trying to sell personal information from 49 million Dell customers on a forum. This person claimed to have leaked sensitive data through a hack.

Dell confirmed that the data breach “did not involve financial or payment information, email address, phone number or any highly sensitive customer data” and added that it did not believe there was a “significant risk” to customers due to the nature of the information involved. – Dell said it is taking proactive steps to inform them.

“Dell Technologies has a cybersecurity program designed to reduce risks to our environments, including those used by our customers and partners,” the US firm said in a statement.

“Our program includes rapid assessment and response to identified threats and risks. We recently identified an incident involving a Dell portal accessing a database containing limited types of customer information, including name, physical address, and certain Dell hardware and order information.

“It did not contain financial or payment information, an email address, a phone number or any highly sensitive customer information. Upon learning of this incident, we immediately implemented our incident response procedures, applied containment measures, began an investigation, and notified law enforcement. Our investigations are supported by external forensic specialists.

“We continue to monitor the situation and take steps to protect our customers’ information. While we believe it does not pose a significant risk to our customers given the type of information involved, we are taking proactive steps to inform them accordingly.”

Speaking about the risk this latest breach could pose to PC owners around the world, Stephen Crow, chief security officer at cyber security firm ANS, said recent Dell customers should be wary of any suspicious messages , which they receive claiming to be Dell or another company.

“The immediate priority for affected Dell customers will be to be wary of communications regarding recent orders as they may be fraudulent,” he said. “Malicious actors can seek to obtain more data through targeted attacks using stolen information.

THE LATEST DEVELOPMENT

stand in the MWC conference center with the Dell Technologies logo

Dell Technologies booth pictured at Mobile World Congress in Barcelona, ​​Spain earlier this year – the biggest mobile event on the planet

GET THE PICTURES

He added: “The Dell data breach is a stark reminder that no organization is completely immune to cyber threats and that all forms of customer data require strict protection. Despite the absence of financial data, threat actors could potentially use the stolen information to launch phishing or malware attacks against consumers. It is likely that they will also sell this data on the dark web, putting customers at even greater risk.

“This incident serves as a call to action for companies to reevaluate their proactive cybersecurity strategies and incident response plans. Of course, prevention is preferable, but if the worst happens, businesses need the ability to respond quickly to limit the damage and minimize the impact on customers, regardless of the type of data breached.”

More news from Martyn Landi, PA Technology Correspondent