Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten

Dell: Intrusion into customer portal leads to data outflow

Dell is currently writing to many customers to inform them that their data has been leaked. Attackers have broken into a customer portal.

Save to Pocket listen Print view
Stilisiertes Bild mit rötlichen Leiterbahnen, offenem Schloss im Vordergrund und den Worten Data Leak, Security, Exploit found

(Bild: Black_Kira/Shutterstock.com)

3 min. read
Security
By
This article was originally published in German and has been automatically translated.

Many customers of computer manufacturer Dell have received emails. In it, the company warns that attackers have broken into a customer portal and copied data. It is likely that 49 million users are affected.

Dell reassures in the letter that "a database of limited types of customer data related to Dell purchases" has been affected by a Dell portal. "We do not believe there is a significant risk to our customers given the nature of the data," the manufacturer states.

Dell: Personal information leaked

The information contained in the database includes name, address, Dell hardware and order information, including a "service tag". According to Dell, item descriptions, order details and warranty information were also visible. Financial and payment information, e-mail address, telephone numbers or other "highly sensitive customer data" were not included.

Dell does not explain exactly when the IT incident occurred. However, the company apparently has an incident response plan, i.e. an emergency plan for IT security incidents, which the IT staff implemented when it became known. Investigations were initiated, measures were taken to contain the incident and law enforcement authorities were informed. Dell has also commissioned an "external forensic company" to investigate. Dell is also continuing to monitor the situation.

Dell is not saying exactly which portal is affected. However, the effects are far-reaching, with emails also being sent internationally, for example in English, to recipients with compromised data. According to Dell's advice, recipients of the email should remain vigilant and not fall for false telephone support, for example. Suspicious activities in the context of the Dell account or suspicious purchases from Dell should be reported immediately by sending an email to security@dell.com.

Dell data offered in underground forum

In an Internet underground forum, a user claims that he has copied the data and is offering 49 million data records for sale. They included the full name, address, service tag in the system, shipping data, warranty data as well as customer and order numbers at Dell - according to what Dell confirms in the e-mail. Seven million records belonged to individuals and personal shoppers, eleven million to consumer companies. It also offers an excerpt as a sample for download.

In an underground forum, a user allegedly puts 49 million data records up for sale.

(Bild: Screenshot / dmk)

Cyberattacks remain on the agenda. Recently, for example, the university in Düsseldorf was once again the victim of such an attack. Battery manufacturer Varta even had to shut down production in February.

(dmk)

Spiele

nach oben
Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten