Hacker attacking Dell admitted directly entering the server system to steal the data of 49 million customers.
According to TechRadar, a hacker claiming to be the culprit behind the Dell cyber attack recently revealed how he stole the personal data of 49 million company customers. According to confirmation, hackers directly penetrated Dell’s server and exploited data for nearly 3 weeks.
Dell’s shocking cyber attack caused the personal data of 49 million customers, including names, postal addresses, and shopping information, to be stolen. Although Dell claims there is “no significant risk to customers”, the incident still raises many concerns about cybersecurity and user privacy.
Known by the nickname Menelik, the hacker shared details of the attack method with TechCrunch. Accordingly, this person set up several partner accounts in Dell’s portal and after approval, he used these accounts to illegally access the company’s server system. Menelik said he was ‘sending more than 5,000 requests per minute to the page containing sensitive information’ and continued to do this behavior for 3 weeks without being detected.
After collecting enough data, Menelik sent an email to notify Dell about the security vulnerability. However, Dell took up to a week to patch this vulnerability.
Currently, Dell has notified law enforcement about the incident and confirmed that it will coordinate the investigation. However, some customers said they received notices that their data was stolen even though they were not among the 49 million people affected.
