Dell customer order database of '49M records' stolen, now up for sale on dark web

IT giant tries to downplay leak as just names, addresses, info about kit

Dell has confirmed information about its customers and their orders has been stolen from one of its portals. Though the thief claimed to have swiped 49 million records, which are now up for sale on the dark web, the IT giant declined to say how many people may be affected.

According to the US computer maker, the stolen data includes people's names, addresses, and details about their Dell equipment, but does not include sensitive stuff like payment info. Still, its portal was compromosed.

"We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address and certain Dell hardware and order information," a Dell spokesperson told The Register today.

"It did not include financial or payment information, email address, telephone number or any highly sensitive customer data."

A report at the end of last month from the aptly named Daily Dark Web suggested as many as 49 million Dell customers may have had some of their account information taken. The data is said to cover purchases made between 2017 and 2024.

Judging from a screenshot of a sample of the stolen info, the Dell database now up for sale on a cyber-crime forum includes the following columns: service tag, items, date, country, warranty, organization name, address, city, province, postal code, customer code, and order number.

Dell says once it discovered the digital break-in, it began an investigation, took steps to contain the damage, notified law enforcement, and hired a third-party forensic firm.

"We continue to monitor the situation and take steps to protect our customers’ information," Dell's spokesperson said. "Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate."

In an email to customers, Dell similarly downplayed the significance of the data exposure, telling punters:

Dell Technologies takes the privacy and confidentiality of your information seriously. We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell.

We believe there is not a significant risk to our customers given the type of information involved.

The Texan titan added in that email it believes the following information was accessed at least: "Name, physical address, [and] Dell hardware and order information, including service tag, item description, date of order and related warranty information."

The biz also warned folks to be on alert for scammers making use of this stolen data to impersonate Dell staff and defraud victims.

The most recent similar incident at Dell that we're aware of occurred in 2018 when the corporation's network was infiltrated by unknown individuals and the biz reset customer passwords.

Earlier this year, the US Federal Communications Commission expanded its data loss reporting requirements to cover telecommunications and voice-over-IP services.

A recent rulemaking from the US government's CISA, in support of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), looks likely to expand the number of organizations required to report data intrusions to the government within 72 hours. ®

Editor's note: This article was updated to include information from the email to customers. Need to alert us to similar news? Drop us a line confidentially.

More about


Send us news

Other stories you might like