A hacker going by the name Menelik has revealed that he recently stole Dell customer data not once but twice. In the first attack, reported by TechCrunch, he said he accessed a Dell website through which he obtained customer names, physical addresses, and order information. A few days later, he carried out a second attack on a different portal; Menelik said he obtained the names, phone numbers, and email addresses of Dell customers.
To carry out the first attack, which he said affected 49 million Dell customers, the hacker said he registered under different names as a Dell reseller on a specific portal. After Dell approved these partner accounts, Menelik said he attacked by brute-forcing the seven-digit customer service tags. Any kind of partner could access the portal in this way, he claimed.
The disclosure of this sensitive information has drawn attention from the online community and especially from Dell. Some records containing addresses were extracted by the hacker to be sold on the dark web. The best way to protect yourself from the risks of data breaches is to set a strong password and use two-factor authentication. In light of this event, let us work together to protect personal information and respond to the dangers posed by stolen data.
A hacker who calls himself Menelik has taken credit for not one but two recent data breaches against PC maker Dell. In the first attack as reported by TechCrunch, he claims to have accessed a Dell online portal through which he stole customer names, physical addresses, and order information. Staging a second attack just days later on a different portal, Menelik told TechCrunch that he made off with the names, phone numbers, and email addresses of Dell customers.
To perform the first attack, which reportedly affected 49 million Dell customers, the hacker said that he registered with different names for Dell resellers on a specific portal. After Dell approved these partner accounts, Menelik said he brute-forced the seven-digit customer service tags. “Any kind of partner” could access the portal in the same way, he claimed.
“(I) sent more than 5,000 requests per minute to this page that contains sensitive information,” Menelik told TechCrunch. “Believe me or not, I kept doing this for nearly 3 weeks and Dell did not notice anything. Nearly 50 Million requests…After I thought I got enough data, I sent multiple emails to Dell and notified the vulnerability. It took them nearly a week to patch it all up.”
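The activity described above (one approved partner account looking up thousands of different service tags per minute, unnoticed for weeks) is the kind of pattern a per-account sliding-window check catches. The following is an added detection sketch, not code from Dell or TechCrunch; the log format, account names, tag values, and the 100-tags-per-minute threshold are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_MS = 60_000        # one-minute sliding window
MAX_DISTINCT_TAGS = 100   # assumed ceiling for a legitimate partner account


def detect_tag_enumeration(events, window_ms=WINDOW_MS, max_distinct=MAX_DISTINCT_TAGS):
    """events: time-ordered (timestamp_ms, account_id, service_tag) tuples.

    Returns {account_id: timestamp_ms} for the moment each account first
    exceeded max_distinct different tags inside one window.
    """
    recent = defaultdict(deque)                      # account -> (ts, tag) in window
    in_window = defaultdict(lambda: defaultdict(int))  # account -> tag -> hits
    flagged = {}
    for ts, account, tag in events:
        queue, tags = recent[account], in_window[account]
        queue.append((ts, tag))
        tags[tag] += 1
        # Evict lookups that have aged out of the window.
        while queue[0][0] <= ts - window_ms:
            _, old_tag = queue.popleft()
            tags[old_tag] -= 1
            if tags[old_tag] == 0:
                del tags[old_tag]
        if len(tags) > max_distinct and account not in flagged:
            flagged[account] = ts
    return flagged


def build_sample_events():
    """Constructed sample log: three partner accounts over one minute."""
    events = []
    # 5,000 lookups in a minute, every one for a different tag (enumeration).
    events += [(i * 12, "partner-scraper", f"{i:07d}") for i in range(5000)]
    # 20 lookups spread over a minute across 5 tags (ordinary support work).
    events += [(i * 3000, "partner-normal", f"{9000000 + i % 5:07d}") for i in range(20)]
    # 3,000 lookups of a single tag: a high rate, but not enumeration.
    events += [(i * 20, "partner-poller", "9999999") for i in range(3000)]
    return sorted(events)


if __name__ == "__main__":
    for account, ts in detect_tag_enumeration(build_sample_events()).items():
        print(f"{account}: exceeded {MAX_DISTINCT_TAGS} distinct tags at t={ts} ms")
```

Counting distinct identifiers per account, rather than raw request rate, separates enumeration from a noisy but legitimate integration. A slower scraper that stays under the per-minute ceiling needs the same check run over a longer window.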
Dell confirmed to TechCrunch it had been hit by a data breach and that Menelik had sent emails to the company taking credit for the attack. Dell didn’t reveal whose physical addresses were scraped. But TechCrunch found that some addresses were for businesses buying products for remote workers while many were for consumers ordering products at home.
And what happened to the stolen records? The same thing that usually happens. Menelik said he posted an ad on a dark web hacking forum trying to sell the data. In a follow-up, the hacker told TechCrunch that he sold the data but didn’t reveal the price tag.
To pull off the second attack, Menelik targeted another portal from which he grabbed not just customer names, phone numbers, and email addresses, but also Dell service reports. Such reports contain details on replacement hardware, notes from on-site engineers, dispatch numbers, and diagnostic logs uploaded from the customer’s PC.
Menelik said he captured data for around 30,000 Dell customers in the US through the second attack. The flaws he exploited were similar to those in the first attack. This time, however, he couldn’t steal the data as quickly as he did during the initial breach. Asked by TechCrunch what he aims to do with this second batch of data, the hacker said he didn’t yet know.
We hear about data breaches, cyberattacks, and stolen customer data regularly. And it’s always the same story: companies fail to effectively secure their infrastructure, data centers, and databases or patch critical security flaws; savvy hackers discover a vulnerability, giving them the keys to steal sensitive information.
Since we can’t depend on companies to protect us, what can we do to protect ourselves? There are a few steps you can take both before and after a breach:
- Set up a strong password – Yes, I know you’ve heard this before. But a strong and secure password is one of the first lines of defense. Creating and remembering a complex and unique password for every account is virtually impossible. That’s why you should turn to a good password manager to do the hard work. And as more sites and services support passkeys, that’s another option to consider. If your account has been affected by a data breach, changing your password is the first action you’ll want to take. Just ensure it’s a strong one that can’t easily be hacked.
- Use two-factor authentication – Any attacker who brute-forces one of your passwords can now easily sign into the associated account, but not if you use the right type of two-factor authentication (2FA). With 2FA, your account remains off-limits unless you provide the correct confirmation. Your best bet is to use an authenticator app or a physical security key, as both are stronger than SMS authentication. Turning on 2FA is another action to take following a breach. Many major websites now support 2FA, so you should be able to set this technique up without too much effort.
- Watch out for scams – The Dell hacker grabbed names, phone numbers, email addresses, and physical addresses, and then sold them on the dark web. On a practical level, you can’t readily change any of those. That’s why you need to be alert for criminals who try to use your phone number or email address to run spoofing and phishing scams.
- Monitor your credit – Add up all the data stolen and identity theft becomes a real possibility. To protect against this threat, you’ll want to check your credit reports across the three major services: Experian, Equifax, and TransUnion. In some cases, you may have to freeze your credit to ensure no one can open new accounts or take out loans in your name.