RealTime Information Technology

View Original

DELL Data Breach, May 2024

Deidre Frith

Dell began warning customers via email on May 8th of a data breach that may have exposed the purchase related information of approximately 49 million customers.

The breached data includes customer names, physical addresses, and order related information such as service tags, order dates, item descriptions and warranty information. However, Dell has stated that no email addresses or phone numbers or any financial information was involved in this breach.

OWN A DELL? What this mean for you…

If you have purchased a Dell, then you can expect to see a lot of phishing and social engineering attempts revolving around this information. Even though this particular data theft didn’t include your email address and phone number, it’s very simple for bad actors to associate those pieces of information (from prior breaches) with what was stolen from Dell this time. Keep in mind that with 49 Million possible targets, the bad actors will just blast out the phishing emails and hope that recipients were impacted by this breach, a not unrealistic expectation.

Be on the lookout for scams!

The scams could be similar to any of the following scenarios:

  • Dell warranty renewal emails and/or calls. We get these all the time legitimately. What we don’t know is how many more will we receive that are scams?
    BEST ADVICE: Know what legitimate emails/calls look like AND, if it’s over the phone, call Dell back on a previously known phone number. Do not ask the caller for the number as they could provide a fake number.

  • Urgent notices! These could be about security vulnerabilities and requests to call some number or click a link to fix the issue. Still a scam, don’t click the link!

  • Unironically, notices of this data breach. However, it will include a link for more information that lead to problems. Still a scam, don’t click the link!

  • Class action lawsuit notices. This may include calls to action like call or email the “attorney”. Once again, don’t do either of those items. It’s probably a scam.

DOUBLE-CHECK WITH REALTIME

If you’re a RealTime customer, you can always give us a call if you have any questionable emails, texts, even phone calls related to this matter. Additionally, if you’re a RealTime customer, you probably bought things through us and we manage on your behalf. We should be handling items related to this already; this is another reason it should give you a red flag if Dell contacts you.

THE BEST PROTECTION

The best protection from these sorts of scams is to confirm legitimacy through previously known contact methods. Call a number you have for Dell instead of giving any credibility to someone over the phone, don’t click on links in emails, or lastly, call RealTime if you’re a client.

 

https://www.securityweek.com/dell-says-customer-names-addresses-stolen-in-database-breach/