Home Dell warns 49 million customers about massive data breach

Dell warns 49 million customers about massive data breach

tl;dr

  • Dell has warned customers of a massive data breach following a hacker's claims they accessed information belonging to roughly 49 million customers.
  • The U.S. computer manufacturer has started distributing data breach notifications to customers impacted by the incident, detailing how an attacker gained unauthorized entry to an online portal that housed customer purchase information on its website.
  • Dell states that the breach is not a "significant risk to our customers" and has engaged a third-party forensics firm to investigate the matter further.

Dell has warned customers of a massive data breach following a hacker’s claims they accessed information belonging to roughly 49 million customers.

The U.S. computer manufacturer has started distributing data breach notifications to customers impacted by the incident, detailing how an attacker gained unauthorized entry to an online portal that housed customer purchase information on its website.

The email seen by ReadWrite stated, “We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell.”

Dell data breach email states: Hello,Dell Technologies takes the privacy and confidentiality of your information seriously. We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell. We believe there is not a significant risk to our customers given the type of information involved. What data was accessed? At this time, our investigation indicates limited types of customer information was accessed, including: Name Physical address Dell hardware and order information, including service tag, item description, date of order and related warranty information The information involved does not include financial or payment information, email address, telephone number or any highly sensitive customer information. What is Dell doing? Upon identifying the incident, we promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement. We have also engaged a third-party forensics firm to investigate this incident. We will continue to monitor the situation. What can I do? Our investigation indicates your information was accessed during this incident, but we do not believe there is significant risk given the limited information impacted. However, you should always keep in mind these tips to help avoid tech support phone scams. If you notice any suspicious activity related to your Dell accounts or purchases, please immediately report concerns to security@dell.com.
Dell states that the breach is not a “significant risk to our customers”

According to Dell’s data breach notification, it seems that the attack resulted in the theft of personal information only, without compromising any financial data. The information stolen includes names, physical addresses, as well as hardware and order details from its systems.

The company stated that it “promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement.” It added that a third-party forensics firm has been engaged to investigate the matter and that it would continue to monitor the situation closely.

“We believe there is not a significant risk to our customers given the type of information involved,” Dell wrote in the email.

Reported sale of Dell database

In April, Daily Dark Web reported a major security breach, with a threat actor claiming to sell a database allegedly holding 49 million customer records from Dell. The supposed data includes details about systems purchased from Dell between 2017 and 2024, forming a comprehensive repository of customer information.

The data claimed to be from current and sourced from Dell servers, includes critical personal and corporate information such as full names, addresses, cities, provinces, postal codes, countries, unique 7-digit service tags, system shipment dates, warranty plans, serial numbers for monitors, Dell customer numbers, and Dell order numbers.

The threat actor alleges to have exclusive access to this data, which contains a large trove of information. Of the records, approximately 7 million relate to individual/personal purchases, and 11 million are linked to consumer segment companies, with the rest involving enterprises, partners, schools, or unidentified entities.

In addition, the threat actor points out that the most affected countries are the United States, China, India, Australia, and Canada.

ReadWrite reached out to Dell for comment, who responded: “We are not disclosing this specific information from our ongoing investigation.”

Featured image: Canva / Ideogram

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Suswati Basu
Tech journalist

Suswati Basu is a multilingual, award-winning editor and the founder of the intersectional literature channel, How To Be Books. She was shortlisted for the Guardian Mary Stott Prize and longlisted for the Guardian International Development Journalism Award. With 18 years of experience in the media industry, Suswati has held significant roles such as head of audience and deputy editor for NationalWorld news, digital editor for Channel 4 News and ITV News. She has also contributed to the Guardian and received training at the BBC As an audience, trends, and SEO specialist, she has participated in panel events alongside Google. Her…

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.