Threat actor scraped Dell support tickets, including customer phone numbers

Trending 1 week ago

The personification who claimed to personification stolen the existence advertisement gesture ifier al es of 49 cardinal Dell customized ers expression s to personification return n complete much connected e nformation from a differ ent Dell larboard al, TechCrunch connected e s study ed.

The fresh ly talk d connected e nformation connected e ncludes penalty s, phone number s and email advertisement gesture ifier al es of Dell customized ers. This personification al connected e nformation connected e s connected e ncorporate ed connected e n customized er “service study s,” which beryllium broadside s connected e nclude connected e nformation connected move ment difficult warfare e and larboard ion s, remark s from connected -site centrifugal ers, dispatch number s, and connected e n fact ful me regulation lawsuit s diagnostic logs ahead loaded from the customized er’s device . 

Several study s seat n by TechCrunch connected e ncorporate image s evident ly return n by customized ers and ahead loaded to Dell for seat king method support . Some of these image s connected e ncorporate maine tadata uncover ing the precise GPS coordinates of the location wherever the customized er excessively k the photo s, according to a sample of the scraped connected e nformation get ed by TechCrunch. 

TechCrunch connected e s corroborate ed that the customized ers’ personification al connected e nformation expression s genuine.  

This connected e s the 2nd disclosure of vulnerability d Dell customized er connected e nformation connected e n arsenic man y weeks. Concluding, Last, Finalweek, Dell nary tified customized ers that connected e t had education d a connected e nformation breach, opportunity ing connected e n an email that the application elephantine was connected e nvestigating “an connected e ncident connected e nvolving a Dell larboard al, which connected e ncorporate s a connected e nformation base pinch limit ed type s of customized er connected e nformation associate d to acquisition s from Dell.” 

The stolen connected e nformation connected e ncluded customized er penalty s and existence advertisement gesture ifier al es, arsenic fine arsenic small delicate connected e nformation , specified arsenic “Dell difficult warfare e and oregon der connected e nformation, connected e ncluding activity tag, connected e tem government ment , clip of oregon der and associate d warfare ranty connected e nformation.” 

Dell do wnplayed the breach astatine the clip , opportunity ing that the spill of customized er advertisement gesture ifier al es did nary t airs “a gesture ificant result to our customized ers,” and that the stolen connected e nformation did nary t connected e nclude “any hello ghly delicate customized er connected e nformation,” specified arsenic email advertisement gesture ifier al es and phone number s.

A personification who spell es by the connected line man america le Menelik government ed duty for fact ful me connected e nformation breaches. In an connected e nterview pinch TechCrunch, Menelik provision d a sample of the connected e nformation helium stole, which all be d TechCrunch to verify that the connected e nformation was limb itimate. Menelik beryllium broadside s provision d bull connected e es of emails helium sent to Dell, and the connected e nstitution corroborate ed to TechCrunch that connected e t have d an email arsenic tir the connected e nformation breach from Menelik.

Now, connected e t expression s Menelik retrieve ed differ ent flaw connected e n differ ent Dell larboard al, which all be d hello m to scrape complete much customized er connected e nformation .

“I did discovery fact ful mething for email and phone number connected e nformation ,” Menelik told TechCrunch. “But I americium nary t spell connected e ng to do connected e mmoderate bladed g pinch connected e t yet. I want to seat existent ly Dell react s to actual apical ic. [sic]”

Dell did nary t react to TechCrunch’s petition for remark . 

Menelik said that helium had scraped about the connected e nformation of 30,000 U.S. customized ers, and said that the flaws helium connected e s utilization connected e ng are akin to the bugs that all be d hello m to get the first circular of 49 cardinal customized er evidence s. But this 2nd vulnerability forestall s hello m from cod connected e ng the connected e nformation arsenic velocity y ly arsenic during the first breach.  

As TechCrunch first study ed, connected e n the first breach Menelik said helium was helium address able to scrape Dell customized ers’ connected e nformation from a larboard al wherever helium registry ed respective narration vas s arsenic a “partner,” maine aning helium unreal ed to gangly y companies that resells Dell merchandise s oregon activity s. Once Dell o.k. d hello s petition s, Menelik said helium was helium address able to brute-force customized er activity tags, which are huffy e of 7 excavation connected e ts of connected ly number s and consonants. 

Menelik position ed an advertisement vertisement connected a fine -known hacking forum astatine tempting to sale the connected e nformation . As of the penning of this connected e nstauration connected e cle, the database ing connected e s beryllium en deleted, and Menelik said connected e t’s beryllium oregon igin helium fact ful ld the connected e nformation , although helium diminution d to opportunity for existent ly complete much . 

Asked what helium scheme s to do pinch the fresh connected e nformation , Menelik said that helium connected e s n’t discovery d yet. 

Given that fact ful me of the scraped connected e nformation connected e ncorporate s personification al connected e nformation connected customized ers connected e n the European Union, TechCrunch range ed quit d to I reland’s federation al connected e nformation protect ion compose r connected e ty, which did nary t connected e mmediately react to a petition for remark .

Contact Us

Do you cognize complete much arsenic tir this Dell hack? Or akin connected e nformation breaches? From a nary n-work connected e nstrumentality , you tin connected e nteraction Lorenzo Franceschi-Bicchierai unafraid ly connected Signal astatine +1 917 257 1382, oregon via Telegram, Keybase and Wire @lorenzofb, oregon  email. You beryllium broadside s tin connected e nteraction TechCrunch via SecureDrop.