DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Dell notifies customers of breach; seller “Menelik” is ShinyHunters (2)

Posted on May 10, 2024 by Dissent

On April 28, a new forum user on BreachForums called “Menelik” claimed to have 49 million Dell Technologies customer records for sale.

The Daily Dark Web provided a screencap and details from the listing.  The customer data purportedly includes data between 2017 and 2024, with “full names, addresses, cities, provinces, postal codes, countries, unique 7-digit service tags of systems, system shipment dates (warranty start), warranty plans, serial numbers (for monitors), Dell customer numbers, and Dell order numbers.”

Yesterday, Dell notified customers of the incident (see screencap).

Menelik updated their listing by using Dell’s notification as confirmation of their claims and reiterated their claims about the data, specifying data types and adding:

Top 5 countries with most systems:

  1. United States
  2. China
  3. India
  4. Australia
  5. Canada
  • About 7 Million rows of the data are individuals/personal purchases
  • 11 Million are consumer segment companies
  • Rest is enterprise clients, partners, educational institutions and others that I could not identify easily

They also explain the disappearance of the original thread from the forum:

My old thread was removed by Breached mods (due to expired sample link) so some people thought this data was sold.

But no, I am still the sole owner of this data. I am planning to sell it to 1 individual only.

I don’t have email/phone number for this 49 million but I do have email & phone number of some several thousand customers. All recent.

Dell’s notice (see screencap) suggests that there is little risk to customers, but recognizes that the data might be used as part of phone scams or other schemes.  Dell declined Bleeping Computer’s request for more details about the incident and the number affected, telling them they “are not disclosing this specific information from our ongoing investigation.”

“Menelik” is “ShinyHunters”

The name “Menelik” may not be familiar to most people, but DataBreaches can reveal that this attack was the work of ShinyHunters. They informed DataBreaches about it at the time after being unable to get Dell to respond to them via multiple contact attempts and email addresses.

DataBreaches emailed Dell last night to ask about their policy concerning contacts by threat actors — whether they read communications but don’t respond or whether they don’t even read communications from what might be individuals who have hacked them.  In that email, DataBreaches also noted that ShinyHunters informed this site that they found a second vulnerability and claimed they had already started exploiting it to exfiltrate data. They did not provide any proof of claim at this time. DataBreaches asked Dell whether if ShinyHunters contacts Dell again, Dell would read the communications.

No reply has been received by publication.


Updates:  Post-publication, Dell responded:

Our program includes prompt assessment and response to identified threats and risks. We are not disclosing any information that could compromise the integrity of our ongoing investigation or any investigations by law enforcement.

Update 2: Bleeping Computer published more details about the attack and Shiny Hunters’ attempts to get Dell to respond prior to putting the data up for sale.

Category: Business SectorHackU.S.

Post navigation

← TCS Employee Suspended After Reporting a Security Incident, Reddit Post Goes Viral
Au: Shock for customers as personal details leaked in worrying breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.