Dell hacker claims to have scraped millions of customer records | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Dell is in the midst of a data security crisis after a hacker named Menelik claimed responsibility for a breach exposing millions of customers’ personal information. Menelik said they directly accessed Dell servers and scraped a massive dataset for weeks before detection.

Dell Hacker scraped data of nearly 50 million customer records

Menelik claims to have exploited a vulnerability in a Dell partner portal. They described using a brute-force attack, bombarding a specific login page with attempts exceeding “5,000 requests per minute.” This method allows hackers to crack weak passwords, potentially gaining access to user accounts. Menelik further claims to have scraped over 49 million customer records from Dell’s servers. This data reportedly includes names, addresses, and details of Dell purchases.

Dell has confirmed the incident and launched an investigation. However, the company downplays the severity of the breach, maintaining that the exposed data wasn’t highly sensitive. The hacker even listed the stolen database of Dell customers’ information on a well-known hacking forum, according to a report by Daily Dark Web. TechCrunch was able to verify the legitimacy of the data breach by confirming leaked data with some Dell customers.

Dell patches vulnerability after weeks of hacker activity

Menelik exploited the vulnerability for weeks before emailing Dell about it in mid-April. In what they say was an attempt to alert the company, Menelik also shared screenshots as proof. It allegedly took Dell nearly a week to patch the issue, highlighting a potential lack of urgency in addressing security concerns.

Dell has yet to comment on the duration of the Dell hacker scraped data breach or the exact number of affected customers. The company has also not disclosed what steps it is taking to notify customers about the breach. This incident is the latest in a string of cyberattacks that have targeted major corporations in recent months. It highlights the importance of cybersecurity measures and the need for companies to be proactive in protecting customer data.

Copyright ©2024 Android Headlines. All Rights Reserved.

This post may contain affiliate links. See our privacy policy for more information.

May 13, 2024


Click Here For The Original Story From This Source.


National Cyber Security