Dell has experienced a second data breach, with a hacker named Menelik claiming to have stolen additional customer data from a different portal, TechCrunch reports.
Click for more special coverage
This breach includes customers' names, phone numbers, and email addresses, as well as detailed service reports containing hardware information, engineer comments, dispatch numbers, and diagnostic logs. Some photos uploaded by customers for support, which include GPS metadata, were also compromised.The authenticity of the stolen data has been verified, confirming the breach's impact. This incident follows a previous breach reported by Dell, which exposed customer names, physical addresses, and purchase-related data.
Dell initially downplayed the risk, stating that the data did not include highly sensitive information like email addresses or phone numbers. Menelik, who claimed responsibility for the first breach that affected 49 million customers, said he exploited another vulnerability to scrape additional data from approximately 30,000 U.S. customers. He has not yet decided what to do with this new data, though he previously sold the initial stolen data on a hacking forum.
An In-Depth Guide to Identity
Get essential knowledge and practical strategies to fortify your identity security.
The rollout of new rules around the Cybersecurity Maturity Model Certification by the U.S. Department of Defense is pushing government contractors to upgrade their internal security practices and protections
Conduent State & Local Solutions, Solutran, and Fidelity Information Services, all of which are electronic benefits vendors supporting the Supplemental Nutrition Assistance Program, have been sought by the Center for Democracy and Technology, the Electronic Privacy Information Center, and Protect Democracy to reject the Department of Agriculture's requests to collect SNAP beneficiaries' personal information in adherence to a March order by President Donald Trump, StateScoop reports.
The Consumer Financial Protection Bureau has cancelled a proposed rule that would impose Fair Credit Reporting Act requirements on data brokers in a bid to better control the sale of Americans' personal information, according to The Hill.
