Dell Investigating Portal Security ‘Incident,’ Says No ‘Significant Risk’ To Customers

‘Upon identifying the incident, we promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement,’ said Dell in an email to customers. ‘We have also engaged a third-party forensics firm to investigate this incident.’

Dell Technologies is investigating a security “incident” involving a portal that contains a database with limited types of customer information related to Dell purchases.

The incident does not pose a “significant risk” to customers, according to an email sent by Dell to customers obtained by CRN.

“Upon identifying the incident, we promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement,” said Dell in the email. “We have also engaged a third-party forensics firm to investigate this incident. We will continue to monitor the situation.”

In a statement to CRN, Dell Technologies said that no financial or payment information was lost. Also, no email addresses, telephone numbers or any sensitive customer data were at risk.

“We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address, and certain Dell hardware and order information,” Dell wrote. “It did not include financial or payment information, email address, telephone number or any highly sensitive customer data. Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. Our investigation is supported by external forensic specialists.”

Dell says its cybersecurity program is designed to limit risk to its environments, including those used by its customers and partners.

“Our program includes prompt assessment and response to identified threats and risks,” Dell Technologies said in the statement.

Dell said there were limited types of customer information “accessed,” including name; physical address; Dell hardware and order information, including service tag; item description; date of order and related warranty information.

Dell said the information involved “does not include financial or payment information, email address, telephone number or any highly sensitive customer information.”

That said, even though Dell noted that there is not a significant risk given the limited information impacted, it advised customers to keep in mind tips to avoid tech support phone scams. Further, the company advised customers that if they notice any “suspicious activity” related to their Dell accounts or purchases, they should report it to Dell Security.

An MSP that was contacted by a federally regulated Dell customer that received the email from Dell said the incident is yet another sign that solution providers need to double down on security efforts with all their customers.

“If you are a Dell enterprise customer you are probably getting a call from your account manager,” said the MSP executive, who asked not to be identified. “This is yet another example of the importance of security. No one is immune. Everybody has got to be on their toes. There are no shortcuts anymore. You can’t take your customer and partner relationships for granted and hope their security is going to be as robust as you need it to be. You have to take action on your own to make sure what you are doing meets your business requirements and protects your data.”

A Chief Information Security Officer (CISO) for a Solution Provider 500 company, who did not want to be identified, said he would not be surprised to see the customer information leak to the dark web and be utilized in the future.

“Now that an incident response company has been engaged, it will be interesting to learn if this proliferated to any other systems or was it truly contained to the environment and information they described in the letter.”