A member of BreachForums, a cyber crime forum, is offering customer and system information of 49 million Dell users, including some from Australia – and using an advisory from the company to prove that the data offered for sale is genuine.
The member, who goes by the moniker Menelik, said the data included full name or company name, address, city, province, postal code, unique seven-digit service tag of the system, system shipped date (order date), warranty plan, Dell customer number and Dell order number.
The top five countries from where this data came were the US, China, India, Australia and Canada, Menelik wrote.
"This breach was also covered by some news outlets, you can Google if interested," Menelik wrote.
{loadposition sam08}"My old thread was removed by Breach mods (due to expired sample link), so some people thought this data was sold.
The notice on BreachForums with the Dell advisory displayed. Screenshot by Sam Varghese
"But no, I am still the sole owner of this data. I am planning to sell it to one individual only.
"I don't have email/phone numbers for this 49 million, but I do have email and phone number of some several thousand customers. All recent."
Menelik added: "About seven million rows of the data are individuals/personal purchases, 11 million are consumer segment companies. Rest are enterprise clients, partners, educational institutions and others I could not identify easily."
A small sample of the data is available for download in Excel format.
In its advisory, Dell said: "Dell Technologies has a cyber security program designed to limit risk to our environments, including those used by our customers and partners. Our program includes prompt assessment and response to identified threats and risks.
"We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address and certain Dell hardware and order information. It did not include financial or payment information, email address, telephone number or any highly sensitive customer data.
"Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement.
"We have also engaged a third-party forensics firm to investigate this incident. We continue to monitor the situation and take steps to protect our customers’ information.
"Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate."