Hackers claim to have collected 49 million Dell customer addresses before the company discovered the breach

A hacker calling himself Menelik claimed he stole the data of 49 million Dell customers. Menelik claims to have illegally accessed an online Dell portal and stolen customer data, including home addresses, directly from Dell’s servers.

Techlade has verified that a portion of the stolen data matches Dell customer records.

On Thursday, Dell sent an email to customers informing them that they had suffered a data breach, which included customer names, home addresses, and Dell order information.

In an attempt to downplay the incident, Dell wrote in an email that “we believe the risk to our customers is low due to the nature of the information that was taken,” implying that they do not consider customer addresses to be “highly sensitive” information.

This hacker claimed to have registered under various names as a “partner” on a specific Dell portal. According to him, a “partner” is a company that resells Dell products or services. After Dell approved his partner account, Menelik said he had brute-forced customer service cards, which were seven digits long and consisted only of numbers and consonants. He also stated that “any type of partner” could access the portal he had been granted access to.

Menelik, a security expert revealed that he had successfully infiltrated Dell’s systems for nearly 3 weeks, stealing 50 million sensitive data. He did this by sending more than 5,000 requests per minute to Dell’s website containing sensitive information. Although the attack took place over a long period of time, Dell did not detect it.

He shared screenshots of some of the emails he sent in mid-April, also saying that at some point he stopped stealing data and did not get the entire customer database. A Dell spokesperson confirmed to Techlade that the company received the attacker’s email.

The attacker listed Dell customers’ stolen databases on a popular hacking forum. The listing on the forum was first reported by Daily Dark Web .

Techlade confirmed that the attacker had legitimate Dell customer data by sharing some of the names and service tags of customers – with their permission – who received breach notification emails from Dell . In one case, an attacker found a customer’s personal information by searching for his name in stolen records. In another case, he was able to find another victim’s corresponding profile by searching for a specific hardware service tag from her order.

In other cases, Menelik was unable to find information and said he did not know how Dell identified affected customers. “Checking by the name you provided, it appears they sent this email to unaffected customers,” the attacker said.

Dell has not yet clarified to whom the home address belongs. Techlade’s analysis of a sample of the stolen data shows addresses that appear to be related to the original purchaser of the Dell device, such as a business making purchases for remote workers. In cases where consumers purchased directly from Dell, Techlade discovered that many of those home addresses also corresponded to the consumer’s home address or other location to which they had requested delivery.

Dell did not refute our findings when asked for comment.

When Techlade sent a series of specific questions to Dell based on what the attacker said, an anonymous company spokesperson said “prior to receiving the attacker’s email, Dell was aware of it and was investigating incidents, implement response procedures and take preventive steps.” Dell provides no evidence for this claim.

It should be noted that cyberattacks are against the law and we have reported the incident to the authorities. At this time, we will not release any information that could impact our ongoing investigation or other investigations conducted by authorities.