The recent major Dell data breach seems to be a bit more damaging than initially thought, after reports the same threat actor managed to abuse the same flaws to steal even more data.
A hacker going by Menelik recently managed to steal sensitive data on 30,000 Dell customers. The data includes people’s names, phone numbers, email addresses, service reports, data on hardware replacement, various hardware components, customer device diagnostic logs, and more. In some instances, the data even included photos taken by Dell customers which, among the metadata, included precise GPS locations of where the photos had been taken.
Some of the data even belongs to customers in the European Union, which might trigger GDPR with EU regulators.
Selling the intel
For now, TechCrunch says it has seen the data and it appears to be authentic. Speaking to the publication, the hacker said that at this time there are no concrete plans for the database: “I did find something for email and phone number data,” Menelik told TechCrunch. “But I am not going to do anything with it yet. I want to see how Dell responds to current topic.”
News recently broke of a hacker stealing, and offering to sell, information on postal addresses belonging to 49 million Dell customers, among other things. The data was grabbed by the same threat actor, Menelik, apparently from different Dell portals. They did it by registering multiple “partner” accounts, and then brute-forcing customer service tags.
The initial batch of 49 million entries was put up for sale on a dark web portal and soon after, the post was removed. That suggests that Menelik managed to sell the database to someone, although until the information is abused in one way or another, it’s impossible to tell. So far, there are no reports of anyone using the information for any malicious purposes.