Subj : Dell may have suffered another fairly embarrassing hack
To   : All
From : TechnologyDaily
Date : Wed May 15 2024 12:15:06

Dell may have suffered another fairly embarrassing hack

Date:
Wed, 15 May 2024 11:01:39 +0000

Description:
Menelik strikes again, now stealing data on 30,000 Dell customers.

FULL STORY
======================================================================

The recent major Dell data breach seems to be a bit more damaging than 
initially thought, after reports the same threat actor managed to abuse the 
same flaws to steal even more data. 

A hacker going by Menelik recently managed to steal sensitive data on 30,000 
Dell customers. The data includes peoples names, phone numbers, email 
addresses, service reports, data on hardware replacement, various hardware 
components, customer device diagnostic logs, and more. In some instances, the 
data even included photos taken by Dell customers which, among the metadata, 
included precise GPS locations of where the photos had been taken. 

Some of the data even belongs to customers in the European Union, which might 
trigger GDPR with EU regulators. Selling the intel 

For now, TechCrunch says it has seen the data and it appears to be authentic. 
Speaking to the publication, the hacker said that at this time there are no 
concrete plans for the database: I did find something for email and phone 
number data, Menelik told TechCrunch. But I am not going to do anything with 
it yet. I want to see how Dell responds to current topic. 

News recently broke of a hacker stealing, and offering to sell, information 
on postal addresses belonging to 49 million Dell customers, among other 
things. The data was grabbed by the same threat actor, Menelik, apparently 
from different Dell portals. They did it by registering multiple partner 
accounts, and then brute-forcing customer service tags. 

The initial batch of 49 million entries was put up for sale on a dark web 
portal and soon after, the post was removed. That suggests that Menelik 
managed to sell the database to someone, although until the information is 
abused in one way or another, its impossible to tell. So far, there are no 
reports of anyone using the information for any malicious purposes. More from 
TechRadar Pro MacOS devices are being targeted with PyPI backdoor to sneak 
into corporate networks Here's a list of the best firewalls today These are 
the best endpoint protection tools right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/dell-may-have-suffered-another-fairly-e
mbarrassing-hack


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.