The American technology giant has notified some of its customers about a data breach that involved sensitive data, including users’ physical addresses.
Dell Technologies says that it’s currently investigating an incident “involving a Dell portal,” which contains a database with customer information related to purchases.
“We believe there is not a significant risk to our customers given the type of information involved,” the company said.
It hasn’t shared the information about the incident publicly, and we’re basing this report on a notification email that’s currently doing the rounds on social media. We’ve reached out to the company to verify the legitimacy of this email.
“Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. Our investigation is supported by external forensic specialists. We continue to monitor the situation and take steps to protect our customers’ information. Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate,” Dell Media Relations Team said in an email to Cybernews.
Details are scarce as the investigation is still ongoing. For now, the company insists “there is significant risk given the limited information impacted.”
As per the notification letter, the breach involves the following information:
- Name
- Physical address
- Dell hardware and order information, including service tag, item description, date of order and related warranty information
-
It didn’t involve payment information, email address or telephone number, and what Dell considers to be “highly sensitive customer information.”
The company has chosen not to disclose the number of the affected people and the nature of the incident believing it “could compromise the integrity of our ongoing investigation or any investigations by law enforcement.”
Never underestimate a breach
As per Dirk Schrader, VP of Security Research, at Netwrix, one should never underestimate the consequences of the breach as any breached data would likely be leveraged further, resulting in mass phishing campaigns.
“To protect sensitive accounts, users should consider leveraging password managers and turning on multi-factor authentication where possible. For businesses of any size, employing an identity threat detection and response solution is a must to spot any abnormal activity in a timely manner and respond to the threat quickly before any serious damage occurs,” he added.
(Courtesy: Cybernews)