Dell resets customer passwords after security incident
Dell confirmed in a press release published on November 28, 2018 that it detected and blocked unauthorized activity on its company network.
According to the press release, hackers were after Dell customer information. Access was limited to customer names, email addresses and hashed passwords, and did not include other data such as credit card information or addresses were not targeted according to Dell's investigation.
Dell's investigation of the incident "found no conclusive evidence" that any data was extracted; Dell admits that data could have been extracted despite that.
Though it is possible some of this information was removed from Dellâ€™s network, our investigations found no conclusive evidence that any was extracted.
The company made the decision to reset Dell.com customer passwords as a countermeasure to protect customer accounts.
Additionally, Dell cybersecurity measures are in place to limit the impact of any potential exposure. These include the hashing of our customersâ€™ passwords and a mandatory Dell.com password reset.
Dell initiated an investigation and implemented countermeasures when it detected the attempted extraction of customer data. The company engaged law enforcement and "retained a digital forensics firm to conduct an independent investigation".
Dell published a customer update on the company website that offers additional information. Dell became aware of the incident happened on November 9, 2018.
The page offers password changing tips. Dell suggests that users use a password that has at least 8 characters that are a mix of uppercase, lowercase, and numbers. Customers should not use words that can be associated with them next to that.
Dell furthermore asks customers to change passwords on other sites as well if the same password is used on these sites.
While Dell reset the customer password to invalidate it, if hackers managed to obtain data, they could theoretically try email and password combinations on other popular sites.Â Many computer users re-use passwords on sites instead of using unique passwords.Advertisement