A threat actor claiming to be behind the recent Dell data breach has said he managed to steal the data of 49 million customers by brute-forcing a company portal and milking it for almost three weeks.
Dell released a statement saying that there was no “significant risk to our customers”, however the data stolen includes names and postal addresses, alongside other data relating to purchases of Dell products.
The hacker, known as Menelik, told TechCrunch exactly how he managed to extract such a huge amount of data without being detected.
Lurker
Menelik set up a number of partner accounts within the Dell company portal which, when approved, allowed the hacker to brute force the customer service tags and gain access to the data. The hacker “sent more than 5,000 requests per minute to this page that contains sensitive information.”
“Believe me or not, I kept doing this for nearly 3 weeks and Dell did not notice anything. Nearly 50 Million requests…After I thought I got enough data, I sent multiple emails to Dell and notified the vulnerability. It took them nearly a week to patch it all up,” Menelik said.
Dell confirmed to TechCrunch that they received the hackers email notification of the vulnerability, and a spokesperson for the company stated that “this threat actor is a criminal and we have notified law enforcement. We are not disclosing any information that could compromise the integrity of our ongoing investigation or any investigations by law enforcement.”
There is a possibility that customers who were not affected by the breach may have been incorrectly notified that their data was stolen, as TechCrunch provided Menelik with names and service tags of a number of customers to verify against the database (with their permission), and while some were easily found, others were not on the list at all.
More from TechRadar Pro
- These are the best privacy tools and anonymous browsers
- LLM services are being hit by hackers looking to sell on private info
- Check out some of the best malware removal tools