The company issued an email to customers alerting them of the breach but said it believes there is ‘not a significant risk’ due to the type of information involved.
Tech giant Dell Technologies has notified its customers of a data breach on a Dell portal that includes their names and physical addresses as well as hardware and order information.
In an email sent out to customers yesterday (9 May), the company said it believes “there is not a significant risk” to customers, given the type of information involved.
“The information involved does not include financial or payment information, email address, telephone number or any highly sensitive customer information,” the email stated.
“Upon identifying the incident, we promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement. We have also engaged a third-party forensics firm to investigate this incident. We will continue to monitor the situation.
“Our investigation indicates your information was accessed during this incident, but we do not believe there is significant risk given the limited information impacted.”
In a statement sent to SiliconRepublic.com, Dell Technologies said the impacted information types are limited to name, physical address, and Dell hardware and order information including service tag, item description, date of order and related warranty information.
“It does not include financial or payment information, email address, telephone number or any highly sensitive customer data,” it said.
In response to questions from TechCrunch, a company spokesperson said: “We are not disclosing this specific information from our ongoing investigation.”
While it isn’t known how many customers were impacted, a report on Daily Dark Web suggests that as many as 49m customers could be affected.
According to the report from 29 April, a threat actor is claiming to sell a database containing 49m customer records from Dell. While it hasn’t been confirmed that this is the same breach, the alleged data includes information that appears to align with the type of information Dell discusses in its email to customers.
In the email it sent out about the data breach, Dell Technologies warned customers to report any concerns about suspicious activity related to Dell accounts or purchases to security@dell.com.
“Although we don’t believe there is significant risk to customers given the types of information involved, we are taking steps to proactively notify customers where appropriate,” Dell added in a statement. “We will continue to monitor the situation and take steps to protect our customers’ information.”
Updated, 11.45am, 10 May 2024: This article was updated to include a statement from Dell Technologies.
Find out how emerging tech trends are transforming tomorrow with our new podcast, Future Human: The Series. Listen now on Spotify, on Apple or wherever you get your podcasts.