Dell hacker says they were able to to directly attack company servers to scrape data

Skull and Crossbones
(Image credit: Shutterstock)

A threat actor claiming to be behind the recent Dell data breach has said he managed to steal the data of 49 million customers by brute-forcing a company portal and milking it for almost three weeks.

Dell released a statement saying that there was no “significant risk to our customers”, however the data stolen includes names and postal addresses, alongside other data relating to purchases of Dell products.

The hacker, known as Menelik, told TechCrunch exactly how he managed to extract such a huge amount of data without being detected.

Lurker

Menelik set up a number of partner accounts within the Dell company portal which, when approved, allowed the hacker to brute force the customer service tags and gain access to the data. The hacker “sent more than 5,000 requests per minute to this page that contains sensitive information.”

“Believe me or not, I kept doing this for nearly 3 weeks and Dell did not notice anything. Nearly 50 Million requests…After I thought I got enough data, I sent multiple emails to Dell and notified the vulnerability. It took them nearly a week to patch it all up,” Menelik said.

Dell confirmed to TechCrunch that they received the hackers email notification of the vulnerability, and a spokesperson for the company stated that “this threat actor is a criminal and we have notified law enforcement. We are not disclosing any information that could compromise the integrity of our ongoing investigation or any investigations by law enforcement.”

There is a possibility that customers who were not affected by the breach may have been incorrectly notified that their data was stolen, as TechCrunch provided Menelik with names and service tags of a number of customers to verify against the database (with their permission), and while some were easily found, others were not on the list at all.

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but also likes to draw on his knowledge of geopolitics and international relations to understand the motivations and consequences of state-sponsored cyber attacks. Benedict has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham.