HomeSecurity OperationsHacker claims to have stolen Dell customer data: here's how to protect...

Hacker claims to have stolen Dell customer data: here’s how to protect yourself

Published on

spot_img

A recent data breach against PC maker Dell has been attributed to a hacker who goes by the name Menelik. Menelik has claimed responsibility for not one, but two separate attacks on Dell’s online portals, resulting in the theft of sensitive customer information. The first attack targeted a portal through which Menelik was able to steal customer names, physical addresses, and order information. In a subsequent attack just days later on a different portal, Menelik managed to obtain customer names, phone numbers, and email addresses.

In the initial attack, which affected approximately 49 million Dell customers, Menelik described the method he used to gain access to the portal. By registering with different names for Dell resellers on the specific portal, Menelik was able to exploit a vulnerability and brute-force the seven-digit customer service tags. This allowed him to access sensitive information with ease. Despite sending thousands of requests per minute for nearly three weeks, Dell failed to detect the breach until Menelik notified them himself. It took Dell nearly a week to patch up the vulnerability after being alerted by the hacker.

Following the data breaches, Dell confirmed to TechCrunch that they had indeed been compromised, with Menelik claiming credit for the attacks. While Dell did not disclose whose physical addresses were compromised, it was discovered that the addresses belonged to businesses buying products for remote workers and consumers ordering products for personal use.

As for the stolen records, Menelik admitted to posting an ad on a dark web hacking forum in an attempt to sell the data. The hacker later revealed that he had successfully sold the data but did not disclose the price at which it was sold.

In the second attack, Menelik targeted another portal and managed to acquire customer names, phone numbers, email addresses, and Dell service reports. These reports contained detailed information on replacement hardware, dispatch numbers, and diagnostic logs uploaded from customer PCs. Approximately 30,000 Dell customers in the US were affected by this breach. While the methods used in the second attack were similar to those in the first, Menelik encountered difficulties in stealing data as quickly as before.

Data breaches and cyberattacks have become commonplace, highlighting the vulnerabilities in companies’ security measures and the risks of storing sensitive information online. In light of these incidents, individuals are advised to take proactive steps to protect themselves from potential breaches:

1. Set up a strong password: Using a password manager to generate and store complex passwords can help enhance security.
2. Use two-factor authentication: Enable 2FA on your accounts to add an extra layer of protection.
3. Stay vigilant for scams: Be wary of phishing attempts and spoofing scams targeting your personal information.
4. Monitor your credit: Regularly check your credit reports and consider freezing your credit to prevent identity theft.

As cyber threats continue to evolve, it is crucial for individuals to prioritize cybersecurity measures to safeguard their personal information and mitigate the risks of data breaches.

Source link

Latest articles

UNK MassTraction Aims for Partnerships with US and Canadian Universities

Targeted Cyber Attacks on U.S. and Canadian Universities: The Threat of UNK_MassTraction A newly identified...

Dell BIOS Flaw Allows Attackers to Extract Plaintext Passwords Without Brute Force

Critical Dell BIOS Vulnerability Exposed: An Urgent Security Concern A recently surfaced vulnerability in Dell's...

KDDI Data Breach Exposes Personal Information of 12 Million Individuals

Significant Data Breach at KDDI Affects 12 Million Users in Japan In a troubling development,...

Zimbra Issues Security Update for Stored XSS Vulnerability in Classic Web Client

Zimbra Addresses Stored XSS Vulnerability with Daffodil v10.1.19 Update Zimbra, a prominent provider of collaboration...

More like this

UNK MassTraction Aims for Partnerships with US and Canadian Universities

Targeted Cyber Attacks on U.S. and Canadian Universities: The Threat of UNK_MassTraction A newly identified...

Dell BIOS Flaw Allows Attackers to Extract Plaintext Passwords Without Brute Force

Critical Dell BIOS Vulnerability Exposed: An Urgent Security Concern A recently surfaced vulnerability in Dell's...

KDDI Data Breach Exposes Personal Information of 12 Million Individuals

Significant Data Breach at KDDI Affects 12 Million Users in Japan In a troubling development,...