Close Menu
TechTost
  • AI
  • Apps
  • Crypto
  • Fintech
  • Hardware
  • Media & Entertainment
  • Security
  • Startups
  • Transportation
  • Venture
  • Recommended Essentials
What's Hot

Claude Cowork expands to mobile and web

X adds a video editor to encourage creators to post original content, not stolen reposts

Netflix invented binge watching. Now he may be over it.

Facebook X (Twitter) Instagram
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer
Facebook X (Twitter) Instagram
TechTost
Subscribe Now
  • AI

    Claude Cowork expands to mobile and web

    7 July 2026

    The ‘first’ ransomware attack run by AI still needed a human

    7 July 2026

    If you use Google, you train its AI. See how you can opt out.

    6 July 2026

    Amazon will stop accepting new customers for Mechanical Turk

    6 July 2026

    Yes, we use OpenClaw to this day

    5 July 2026
  • Apps

    X adds a video editor to encourage creators to post original content, not stolen reposts

    7 July 2026

    You can now adjust the pace and expressiveness of Siri in the latest iOS 27 beta

    7 July 2026

    Apple is bringing back card payments for Apple Account purchases in India after a four-year hiatus

    6 July 2026

    WhatsApp now allows you to reserve usernames

    5 July 2026

    Podcasting platform Riverside is getting into the newsletter game

    4 July 2026
  • Crypto

    Venice AI goes unicorn with $65M Series A as first privacy AI platform takes off

    1 July 2026

    Crypto Exchange OKX wants AI agents to hire and pay each other

    30 June 2026

    Startup Battlefield 200 applications close today

    27 May 2026

    5 days left: Save up to $410 on Disrupt 2026 passes

    25 May 2026

    As crypto cools, a16z crypto raises $2.2 billion in capital

    6 May 2026
  • Fintech

    India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

    28 June 2026

    Early Bird pricing ends tonight for the Founder Summit

    26 June 2026

    4 days left to save up to $190 on Founder Summit 2026

    23 June 2026

    Robinhood’s note on 10% layoffs shows that blaming AI doesn’t cut it

    17 June 2026

    Anthropic’s latest spat with the Trump administration may actually help it, sales figures suggest

    17 June 2026
  • Hardware

    US investors will soon have access to SK Hynix, another memory maker driving the AI ​​boom

    7 July 2026

    Smart glasses maker Even Realities hits $1 billion valuation with $150 million in funding led by Meituan, Tencent

    6 July 2026

    5 office gadgets that can make your work day better

    6 July 2026

    IQM, Europe’s first public quantum company, admits that the future of the technology is uncertain

    3 July 2026

    Thiel Capital’s Jack Selby commits stakes in hot startups like Etched through Arizona connections

    3 July 2026
  • Media & Entertainment

    Netflix invented binge watching. Now he may be over it.

    7 July 2026

    New Google ad imagines a Declaration of Independence written with the help of artificial intelligence

    4 July 2026

    Cloudflare’s new policy pushes AI companies to pay for publishers’ content

    1 July 2026

    Watch out, Amazon: The Kobo eReader now has a Goodreads rival

    29 June 2026

    YouTube Shorts just got even shorter with an update that lets you double the playback speed

    25 June 2026
  • Security

    Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

    6 July 2026

    Politician who investigated abuses of wiretapping software on his phone with Pegasus spyware

    3 July 2026

    The US government says it’s been hacked — again

    2 July 2026

    In major privacy victory, Supreme Court rules that geo-trafficking warrants are protected by privacy rights

    29 June 2026

    The Klue hack results in a data breach at several cybersecurity companies

    26 June 2026
  • Startups

    Station F emerges as a launch pad for Europe’s hottest AI startups

    6 July 2026

    Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

    4 July 2026

    The browser wars aren’t about search anymore — here are the best alternatives to Chrome and Safari

    3 July 2026

    Last chance to apply — Startup Battlefield Australia applications close on 6 July

    3 July 2026

    Arcturus could halve grid electrical losses using nano-infused metals

    2 July 2026
  • Transportation

    Chevy built an all-American EV truck — why isn’t anyone buying it?

    3 July 2026

    Rivian raises EV sales forecast as second-quarter production ramps up

    3 July 2026

    Lucid Motors CFO steps down as new CEO continues leadership shakeup

    2 July 2026

    Tesla begins testing Cybercab without pedals or steering wheel in Austin

    2 July 2026

    Lime is starting life as a public company after years of uncertainty

    1 July 2026
  • Venture

    What are bending spoons? The little-known owner of AOL and Vimeo who is now public

    5 July 2026

    After $18B IPO, Bending Spoons Founder Says Success Comes From Minimizing Luck

    2 July 2026

    Bending Spoons defies SaaS slump, up 40% on first day of trading

    2 July 2026

    The DeepMind trio that created a poker AI is now making money for quantitative hedge funds

    1 July 2026

    Patronus AI lands $50 million to create ‘digital worlds’ that stress-test AI agents

    26 June 2026
  • Recommended Essentials
TechTost
You are at:Home»Security»The threat actor says it hacked 49 million Dell customer addresses before the company knew about it
Security

The threat actor says it hacked 49 million Dell customer addresses before the company knew about it

techtost.comBy techtost.com10 May 202404 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
The Threat Actor Says It Hacked 49 Million Dell Customer
Share
Facebook Twitter LinkedIn Pinterest Email

The person who claims to have 49 million Dell customer records told TechCrunch that he brute-forced a company portal and extracted customer data, including physical addresses, directly from Dell’s servers.

TechCrunch verified that some of the scraped data matched the personal information of Dell customers.

On Thursday, Dell sent an email to customers saying the computer maker had suffered a data breach that included customer names, physical addresses and Dell order information.

“We believe there is no significant risk to our customers given the type of information involved,” Dell wrote in the email, in an attempt to downplay the impact of the breach, implying that it does not consider customer addresses to be “particularly sensitive ». information.

The threat actor said he registered under several different names on a certain Dell portal as an “associate”. A partner, he said, refers to a company that resells Dell products or services. After Dell approved his partners’ accounts, Menelik said he forced the customer service tags, which consist of seven digits of just numbers and consonants. He also said that “any kind of partner” could access the portal he accessed.

“[I] sent more than 5,000 requests per minute to this page containing sensitive information. Believe me or not, I kept doing this for almost 3 weeks and Dell noticed anything. Almost 50 million requests… After I thought I had enough data, I sent several emails to Dell and notified them of the vulnerability. It took them almost a week to fix everything,” Menelik told TechCrunch.

Menelik, who shared screenshots of several emails he sent in mid-April, also said he stopped scraping at some point and didn’t get the full database of customer data. A Dell spokesperson confirmed to TechCrunch that the company received the threat actor’s emails.

The threat actor listed the stolen database of Dell customer data on a well-known hacking forum. The forum list first reported by the Daily Dark Web.

TechCrunch confirmed that the threat actor has legitimate Dell customer data by sharing the names and customer service labels of a handful — with their permission — who received the breach notification email from Dell. In one case, the threat actor found a customer’s personal information by searching the stolen files for their name. In another case, he was able to find another victim’s matching file by searching for the specific hardware service tag from an order he placed.

In other cases, Menelik couldn’t find the information and said he doesn’t know how Dell identified the affected customers. “Judging by checking the names you provided, it looks like they sent this message to unaffected customers,” the threat actor said.

Dell has not said who owns the physical addresses. TechCrunch’s analysis of a sample of data scraping shows that the addresses appear to be related to the original purchaser of the Dell equipment, such as a business purchasing an item for a remote employee. In the case of consumers buying directly from Dell, TechCrunch found that many of those physical addresses also correlate with the consumer’s home address or other location where they picked up the item.

Dell did not dispute our findings when reached for comment.

When TechCrunch sent a series of specific questions to Dell based on what the threat actor said, an unnamed company spokesperson said that “prior to receiving the threat actor’s email, Dell was already aware of and investigating the incident, applying the procedures our response and taking containment steps.” Dell did not provide evidence for this claim.

“Keep in mind, this threat actor is a criminal and we have notified law enforcement. We are not releasing any information that could compromise the integrity of our ongoing investigation or any inquiries by law enforcement,” the spokesperson wrote.

actor addresses company customer cyber security cybercrime data breach Dell Dingle hacked hacker Hacking information security infosec knew million threat
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleBluesky now lets you customize the main Discover feed using new controls
Next Article This year’s Met Gala theme is AI Deepfakes
bhanuprakash.cg
techtost.com
  • Website

Related Posts

Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

6 July 2026

Smart glasses maker Even Realities hits $1 billion valuation with $150 million in funding led by Meituan, Tencent

6 July 2026

Travel app Hopper to pay $35 million in FTC settlement over ‘unfair’ hidden fees

3 July 2026
Add A Comment

Leave A Reply Cancel Reply

Don't Miss

Claude Cowork expands to mobile and web

7 July 2026

X adds a video editor to encourage creators to post original content, not stolen reposts

7 July 2026

Netflix invented binge watching. Now he may be over it.

7 July 2026
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Fintech

India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

28 June 2026

Early Bird pricing ends tonight for the Founder Summit

26 June 2026

4 days left to save up to $190 on Founder Summit 2026

23 June 2026
Startups

Station F emerges as a launch pad for Europe’s hottest AI startups

Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

The browser wars aren’t about search anymore — here are the best alternatives to Chrome and Safari

© 2026 TechTost. All Rights Reserved
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer

Type above and press Enter to search. Press Esc to cancel.