Dell noticed an incident where criminals gained access to a customer database that contained information such as customer names, their physical addresses, and certain order information.

Dell confirms that customer and order information was stolen, The Register reports. A cybercriminal claimed that 49 million records were stolen and are currently for sale on the dark web. According to Dell, the stolen data included names, addresses and details about Dell devices, but not sensitive payment information. The company is currently monitoring the situation and taking damage control measures.

Leaked customer information

Dell recently became aware of an incident related to a Dell portal that provides access to a database containing limited types of customer information, including name, physical address and certain Dell hardware and order information, a Dell spokesperson told The Register. According to a social media post, Dell has already emailed an unknown number of customers.

This rather vague email appears to confirm a message from the Daily Dark Web. On April 29, the offer to sell supposedly personal data of 49 million people who purchased Dell devices between 2017 and 2024 was reported, Daily Dark Web reported.

For some time now, Dell customers have been contacted by suspicious phone calls from alleged Dell employees. Using their name, address, and service tag, they gain customers’ trust and are then tricked into making a payment, installing software, or performing other malicious actions.

Succession

“We continue to monitor the situation and take action to protect our customers’ data,” the Dell spokesperson said. “While we do not believe there is a significant risk to our customers given the nature of the information involved, we are taking proactive steps to notify them,” Dell told The Register.

Dell has launched a damage control investigation. The police have already been informed and an external forensic company has been appointed to investigate this incident. The situation is being monitored.