Dell confirms data breach affecting customer personal details

13 May 2024, 09:14

The Dell Computer Ltd Dublin Campus in Sandyford
Dell stock. Picture: PA

The computing giant said it was investigating a data breach which compromised ‘limited’ customer information such as name and physical address.

Computing giant Dell has confirmed it is investigating a data breach which the company says saw some personal information related to customers accessed.

The company did not confirm if the incident was caused by an inadvertent error or had been breached by hackers, but according to reports, an individual has tried to sell data they claim to have accessed in a breach of Dell via an online forum, claiming they accessed the details of 49 million people across several countries.

In a statement, the company said an “incident” involving a “Dell portal” had led to a database containing “limited types of customer information including name, physical address, and certain Dell hardware and order information” being exposed.

The computing firm said it “did not include financial or payment information, email address, telephone number or any highly sensitive customer data”, adding that it did not believe there was a “significant risk” to customers given the nature of the information involved – Dell said it was taking proactive steps to notify them.

A number of people have posted screenshots to social media of an email sent to them by the company confirming the incident.

“Dell Technologies has a cybersecurity program designed to limit risk to our environments, including those used by our customers and partners,” the US firm’s statement said.

“Our program includes prompt assessment and response to identified threats and risks. We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address, and certain Dell hardware and order information.

“It did not include financial or payment information, email address, telephone number or any highly sensitive customer data.

“Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. Our investigation is supported by external forensic specialists.

“We continue to monitor the situation and take steps to protect our customers’ information. Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate.”

Stephen Crow, security director at cybersecurity firm ANS, said recent Dell customers should be alert to any suspicious messages they receive claiming to be Dell or another firm.

““An immediate priority for impacted Dell customers will be to be wary of communications around recent orders, as these could be fraudulent,” he said.

“Malicious actors may seek to gain more data through targeted attacks using the information stolen.

He added: “The data breach at Dell is a stark reminder that no organisation is completely immune from cyber threats, and that all forms of customer data requires stringent protection.

“Despite the absence of financial data, threat actors could potentially use the stolen information to launch phishing or malware attacks against consumers. They are likely to sell this data on the dark web as well, putting customers at even more risk.

“This incident serves as a call to action for companies to reassess their proactive cybersecurity strategies and incident response plans. Prevention is of course preferable, but should the worst happen, businesses need the ability to react quickly to contain the damage and minimise the impact on customers, no matter the type of data involved in a breach.”

By Press Association

More Technology News

See more More Technology News

Close up hand holding mobile phone Nokia 3310 isolated on pink background. Female hand holding old used phone Nokia 3310.

Eton pupils given ‘brick’ phones instead of smartphones under new policy

Cyber attack at major London hospitals

Hundreds of operations and appointments cancelled in week after NHS cyber attack

Labour said it would also ban the creation of sexually explicit deepfakes (PA)

Labour commits to introducing AI regulation for tech giants

Daniel Bedingfield

Pop star Daniel Bedingfield praises AI for capturing ‘soul’ of his music

Elon Musk, CEO of Tesla and SpaceX (PA)

Elon Musk says Tesla shareholders will vote to approve pay deal

Person wearing an Apple watch on their left wrist

Smart watches could help track Parkinson’s disease progression – study

A person's forefinger poised on the keyboard of a laptop computer

Gaming giant Steam facing £656m legal claim for ‘overcharging’ UK gamers

A group of schoolchildren standing around

Most children cannot name MP and fifth get political news from TikTok – survey

A person using a keyboard to sign into the X website on a laptop

Elon Musk confirms X will start hiding likes on posts

A technician working at Currys' Repair Centre in Newark, Nottinghamshire

Currys working to improve consumer trust in refurbished and repaired tech

Raspberry Pi 4 micro computer launch

Raspberry Pi shares jump 40% after London IPO

Apple WWDC event

Apple unveils generative AI assistant for iPhone, iPad and Mac at conference

ChatGPT on a MacBook

Apple keen on more deals with AI chatbots after link-up with ChatGPT

Elon Musk during an ‘in-conversation’ event

Elon Musk says he could ban Apple devices at his companies over OpenAI deal

Apple Intelligence writing tools

Apple Intelligence is ‘promising first step’ for firm’s AI tools, experts say

Data

Genetics testing company 23andMe facing investigation over data breach