The threat actor responsible for the recent Dell data breach stated that he scraped information from 49 million customer records via a partner portal API that he accessed as a phony organization.
Dell had begun sending alerts to customers informing them that their personal information had been stolen in a data breach.
The Breach
This data breach compromised customer order data, which included warranty information, service tags, customer names, installed locations, customer numbers, and order numbers.
On April 28th, a threat actor, Menelik, posted the data for sale on the Breached hacking forum, but the administrators quickly removed the post.
Menelik said that he was able to obtain the data after discovering a portal where partners, distributors, and merchants could look up order information.
Menelik claims that by registering multiple accounts under bogus company names, he could gain access to the portal within two days without verification.
You simply fill out an application form, Menelik explained.
APIs are being exploited in data breaches
Easy-to-access APIs have become a major business liability in recent years, with threat actors exploiting them to scrape sensitive data and sell it to other threat actors.
Threat actors linked phone numbers to approximately 500 million accounts in 2021 by exploiting a Facebook API issue.
This data was leaked nearly for free on a hacking site, requiring only an account and a $2 fee to get it.
Later that year, in December, threat actors used a Twitter API flaw to connect millions of phone numbers and email addresses to Twitter accounts, which were then sold on hacking forums.
API Security Matters: APIs are essential for seamless communication between systems, but their security must not be overlooked.
Third-Party Risks: Partner portals and third-party integrations can introduce vulnerabilities.
Data Minimization: Collect only the data necessary for business operations.
Incident Response: Dell's swift response demonstrates the importance of having an effective incident response plan.
The Scale
The sheer volume of compromised records (49 million) underscores the severity of the breach.
Such a massive data leak can have far-reaching consequences for affected individuals.
Dell's Response
Dell promptly detected the breach and took action.
The company notified affected customers about the incident, urging them to be cautious and vigilant.
Dell is enhancing security protocols to prevent similar incidents in the future.
This Cyber News was published on www.cysecurity.news. Publication date: Sun, 12 May 2024 19:43:06 +0000