A threat actor has revealed they were able to steal the data of 50 million Dell customers including names, addresses and other data related to purchases made at Dell. The compromise was accomplished by setting up a number of partner accounts within the Dell company portal which, after they were approved, allowed them to brute force customer service tags and gain access to the data. They were allowed to send more than 5,000 requests per minute to a page containing sensitive information. The activity was allowed to continue for nearly 3 WEEKS totaling nearly 50 MILLION requests before Dell noticed anything and took action.
More info at techradar!