Dell said they recently identified the incident, and that the investigation is ongoin. They sent me a kind of boilerplate response:
"Dell Technologies has a cybersecurity program designed to limit risk to our environments, including those used by our customers and partners. Our program includes prompt assessment and response to identified threats and risks. We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address and certain Dell hardware and order information. It did not include financial or payment information, email address, telephone number or any highly sensitive customer data. Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. We have also engaged a third-party forensics firm to investigate this incident. We continue to monitor the situation and take steps to protect our customers’ information. Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate."
BrianKrebs /
npub1vc…0axsh
2024-05-09 14:36:11
in reply to nevent1q…acjv
Author Public Key
npub1vc39pnjdqd77zzdxff4qyv8h3x0ey2mkx33c3vl8egr0a9ysxkxsk0axshPublished at
2024-05-09 14:36:11Event JSON
{
"id": "6311cc6b08948d50cfec1804bae9e507c430a63bc7e99b1c28f145eb2e45a5e5",
"pubkey": "662250ce4d037de109a64a6a0230f7899f922b76346388b3e7ca06fe9490358d",
"created_at": 1715265371,
"kind": 1,
"tags": [
[
"e",
"5ea23f2b9cecdfa71838ead5d2fc8296e9bb620c0df1058fcca55e86fc2f7ca6",
"",
"root"
],
[
"p",
"662250ce4d037de109a64a6a0230f7899f922b76346388b3e7ca06fe9490358d"
],
[
"proxy",
"https://infosec.exchange/@briankrebs/112411631381523715",
"web"
],
[
"proxy",
"https://infosec.exchange/users/briankrebs/statuses/112411631381523715",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/briankrebs/statuses/112411631381523715",
"pink.momostr"
]
],
"content": "Dell said they recently identified the incident, and that the investigation is ongoin. They sent me a kind of boilerplate response:\n\n\"Dell Technologies has a cybersecurity program designed to limit risk to our environments, including those used by our customers and partners. Our program includes prompt assessment and response to identified threats and risks. We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address and certain Dell hardware and order information. It did not include financial or payment information, email address, telephone number or any highly sensitive customer data. Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. We have also engaged a third-party forensics firm to investigate this incident. We continue to monitor the situation and take steps to protect our customers’ information. Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate.\"",
"sig": "0b51b88a3eae066fd36ccbee0c0714a58b2395a885c1cc50ac674eee48e3107f24ddfac2b1dc0057ddcde0b467abceca12c52f4263fe6f42c1a91567232cd793"
}