BrianKrebs on Nostr: Dell said they recently identified the incident, and that the investigation is ...
Dell said they recently identified the incident, and that the investigation is ongoin. They sent me a kind of boilerplate response:
"Dell Technologies has a cybersecurity program designed to limit risk to our environments, including those used by our customers and partners. Our program includes prompt assessment and response to identified threats and risks. We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address and certain Dell hardware and order information. It did not include financial or payment information, email address, telephone number or any highly sensitive customer data. Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. We have also engaged a third-party forensics firm to investigate this incident. We continue to monitor the situation and take steps to protect our customers’ information. Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate."
Published at
2024-05-09 14:36:11Event JSON
{
"id": "6311cc6b08948d50cfec1804bae9e507c430a63bc7e99b1c28f145eb2e45a5e5",
"pubkey": "662250ce4d037de109a64a6a0230f7899f922b76346388b3e7ca06fe9490358d",
"created_at": 1715265371,
"kind": 1,
"tags": [
[
"e",
"5ea23f2b9cecdfa71838ead5d2fc8296e9bb620c0df1058fcca55e86fc2f7ca6",
"",
"root"
],
[
"p",
"662250ce4d037de109a64a6a0230f7899f922b76346388b3e7ca06fe9490358d"
],
[
"proxy",
"https://infosec.exchange/@briankrebs/112411631381523715",
"web"
],
[
"proxy",
"https://infosec.exchange/users/briankrebs/statuses/112411631381523715",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/briankrebs/statuses/112411631381523715",
"pink.momostr"
]
],
"content": "Dell said they recently identified the incident, and that the investigation is ongoin. They sent me a kind of boilerplate response:\n\n\"Dell Technologies has a cybersecurity program designed to limit risk to our environments, including those used by our customers and partners. Our program includes prompt assessment and response to identified threats and risks. We recently identified an incident involving a Dell portal with access to a database containing limited types of customer information including name, physical address and certain Dell hardware and order information. It did not include financial or payment information, email address, telephone number or any highly sensitive customer data. Upon discovering this incident, we promptly implemented our incident response procedures, applied containment measures, began investigating, and notified law enforcement. We have also engaged a third-party forensics firm to investigate this incident. We continue to monitor the situation and take steps to protect our customers’ information. Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate.\"",
"sig": "0b51b88a3eae066fd36ccbee0c0714a58b2395a885c1cc50ac674eee48e3107f24ddfac2b1dc0057ddcde0b467abceca12c52f4263fe6f42c1a91567232cd793"
}