Ireland's Data Protection Regulator Confirms Investigation Into Data Breaches at Dell | TechCrunch - Latest Global News

Ireland’s Data Protection Regulator Confirms Investigation Into Data Breaches at Dell | TechCrunch

A top European data protection watchdog is investigating recent breaches of Dell customers’ personal data, TechCrunch has learned.

Irish Data Protection Commission (DPC) Deputy Commissioner Graham Doyle confirmed to TechCrunch that the DPC has received “a notice of breach in this matter” – referring to Dell – which is “currently under review”. When asked to elaborate, Doyle declined to comment further.

An unnamed Dell spokesperson also confirmed that the tech giant “has notified regulators and will continue to work with them as appropriate” when contacted by TechCrunch for comment.

Last week, Dell emailed customers alerting them that a data breach had occurred. The theft, the company wrote, included Dell customer names, physical addresses and order information. The stolen data also included personal data of Dell customers in the European Union. Despite the theft of customers’ physical addresses, Dell told customers that it believes “there is no significant risk to our customers given the nature of the information involved.”

On Tuesday, TechCrunch exclusively reported that the same threat actor that claimed the data breach last week had stolen additional customer data from another Dell portal. According to the threat actor, data from this second breach includes names, phone numbers and email addresses of Dell customers, as well as a review of a sample of the data seen by TechCrunch.

In both cases, the threat actor named Menelik said he was able to find vulnerabilities in two different Dell portals and steal customer data.

In recent years, the Irish Data Protection Authority has been the most active data protection authority in Europe, with many major technology companies having their European headquarters in Ireland, including Dell. The DPC has enforced the EU-wide data protection and privacy regulation, known as GDPR, against several companies, including TikTok, which was fined $379 million for misusing children’s data, and Meta, which was fined for violating rules on User data transfer was fined $1.3 billion. personal data to the United States.

Companies can be fined up to 4% of their global annual turnover for violating the GDPR.

Contact us

Do you know more about this Dell hack? Or similar data breaches? From a device away from the workplace, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, on Telegram, Keybase and Wire @lorenzofb, or by email. You can also contact TechCrunch via SecureDrop.

Sharing Is Caring:

Leave a Comment