Sam Stepanyan  🐘
#Dell API #vulnerability abused to steal 49 million customer records in data breach scraping off customer order data, including warranty, service tags, customer names and addresses, customer numbers, and order numbers:
#databreach #OWASPAPITop10
👇
https://www.bleepingcomputer.com/news/security/dell-api-abused-to-steal-49-million-customer-records-in-data-breach/
Dell API abused to steal 49 million customer records in data breach

The threat actor behind the recent Dell data breach revealed they scraped information of 49 million customer records using an partner portal API they accessed as a fake company.

BleepingComputer
May 12, 2024 at 8:56amWeb