Dell is warning customers of a data breach that allegedly impacted 49 million customers. The PC makers, in an email, warned users it was investigating an incident involving a Dell portal that contained limited types of customer information related to purchases from the company.
Dell further stated it believed there is no significant risk to customers given the type of information involved, a report from Bleeping Computer said.
According to Dell, the information accessed by threat actors during the breach included names, physical addresses, and other information related to Dell hardware and order information but does not include financial or payment information, email addresses, or telephone numbers. The company also stated it is working with law enforcement agencies and a third-party forensic agency to investigate the incident.
The data breach first came to light when a threat actor attempted to sell a Dell database on a hacking forum on 28 April.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
The threat actor claimed they had access to stolen data from the computer maker for 49 million customers and other information related to systems purchased from Dell between 2017-2024.
While Dell does not believe the data breach poses a significant threat to customers, threat actors in the past have been known to target individuals whith physical mailings with phishing links or ones that contain media like DVDs and thumb drives to install malware on target’s devices.
The post on a hacking forum advertising the sale of the data has since been removed and could indicate the data is being used in other forms of attacks. Customers are therefore advised to be wary of physical mailings or emails that could be impersonating Dell asking to install software, change passwords, or perform actions that could risk their security.
