Breach Bonanza: How “Menelik” Milked Dell for 49M Customer Details in Stealth Heist

Facing a digital David and Goliath scenario, ‘Menelik’ the hacker milked Dell’s data udder for 3 weeks, swiping details of 49 million customers. Dell’s stance? “No significant risk.” TechCrunch’s take? “Check your mail, you might be in the no-risk zone… or not.” #DellDataBreach

Hot Take:

Oh, Dell, looks like your ‘secure’ walls have been cheese-grated by a brute with the subtlety of a sledgehammer. Menelik, our keyboard-wielding bandit, turned your portal into his personal data buffet—and you guys took a week-long siesta before patching things up? I’d say you got a Dell of a problem on your hands!

Key Points:

  • Menelik, the hacker, claims to have brute-forced Dell’s customer data, siphoning off info on 49 million customers.
  • He exploited the company portal for nearly three weeks, sending 5,000 requests per minute without Dell noticing.
  • Stolen data includes names, addresses, and purchase details—though Dell says customers aren’t at “significant risk”. (Sure, Jan.)
  • Dell was eventually notified by the hacker himself and took a week to patch the vulnerability. Talk about being fashionably late!
  • Some Dell customers may have been wrongfully notified about their data being compromised—because who doesn’t love a false alarm?

Need to know more?

A Hacker's Diary: How I Spent My Summer Vacation

Our friend Menelik wasn't just binging Netflix like the rest of us; he was busy setting up fake partner accounts and brute-forcing Dell's customer service tags. He treated sensitive information like an all-you-can-eat buffet, indulging in the data feast for nearly 21 days straight. And what's more impressive? Dell, the supposed IT giant, had no clue. It's like throwing a rave in your parents' basement and they never come down to check on you. Party on, Menelik.

When the Cat's Away, the Mice Will Brute-Force

What's a hacker to do after accumulating enough data to fill a small country's library? Reach out to the company he just plundered, of course. Menelik, perhaps feeling a slight pang of guilt—or just wanting to flaunt his cyber muscles—contacted Dell to let them know about their 'you've-got-a-hole-the-size-of-Texas' problem. Dell's response? They moved at the speed of a sloth on sedatives to patch up the breach.

Dell's Damage Control—or Lack Thereof

While Dell's spokesperson played the 'criminal' card and rang the law enforcement bell, they also kept mum about any details that could spoil their ongoing Nancy Drew investigations. Meanwhile, customers were getting mixed signals—some were told their data was in the wind, while others, not so much. It seems like verifying the veracity of the breach notifications was a bit too much work for the Dell squad. After all, why ruin the surprise?

Adding Insult to (Data) Injury

And just when you thought it couldn't get any more chaotic, TechCrunch stepped in to play detective. They handed over names and service tags to Menelik (with consent, because we're not animals) to cross-reference with the stolen data. The result? Some were hits, others misses. It's like playing cybersecurity bingo, except nobody's winning a prize here.

As a cherry on top, TechRadar Pro wants to ensure we're all well-informed with the latest news, opinions, privacy tools, and malware removal tips. Because evidently, staying informed is our best defense when the companies we trust are playing fast and loose with our personal details. So, thank you, TechRadar Pro, for being the cybersecurity lighthouse in the fog of digital chaos.

Tags: Brute Force Attack, customer data theft, Data Breach Notification, Dell Data Breach, Hacker Vulnerability Notification, Law Enforcement Notification, TechRadar Pro