Dell warned in an email to customers that personal information was accessed in a data breach, including names and addresses. The company is looking into an incident that compromised details of hardware purchases from 2017 to 2024 but didn’t include “financial or payment information,” according to the email.

A recent post on a hacker forum offered up data on 49 million Dell customers, which coincides with the breach reported by Dell, TechCrunch notes. “We believe there is not a significant risk to our customers given the type of information involved,” Dell said.

In its response, the company says it’s already taken measures to contain the breach, including notifying law enforcement. The company also hired a third-party forensics firm to help it investigate the incident. 

The company didn’t say which portal was affected or how many users were ensnared. But in a statement, Dell said only name, physical address, and certain Dell hardware, along with order information, was exposed in the breach. “It did not include financial or payment information, email address, telephone number, or any highly sensitive customer data,” the company added. 

The link between the reported breach and the hacker’s sale is unclear. In the meantime, Dell is warning affected users to stay vigilant. If a cybercriminal stole data from the company, they could use that information to target individuals. The PC maker warned customers to watch out for strange activity on their Dell accounts and potential tech support scams.

“We continue to monitor the situation and take steps to protect our customers’ information,” Dell added. “Although we don’t believe there is significant risk to our customers given the type of information involved, we are taking proactive steps to notify them as appropriate.” 

The warnings come over a week after a hacker began selling access to a database that allegedly contains 49 million Dell customer records. “The alleged data encompasses information on systems purchased from Dell between 2017 and 2024, comprising a comprehensive repository of customer details,” according to Daily Dark Web, which notes the stolen information includes full names and addresses.