Dell resets customer passwords after security incident - gHacks Tech News

Dell resets customer passwords after security incident

Dell confirmed in a press release published on November 28, 2018 that it detected and blocked unauthorized activity on its company network.

According to the press release, hackers were after Dell customer information. Access was limited to customer names, email addresses and hashed passwords, and did not include other data such as credit card information or addresses were not targeted according to Dell's investigation.

dell incident passwords

Dell's investigation of the incident "found no conclusive evidence" that any data was extracted; Dell admits that data could have been extracted despite that.

Though it is possible some of this information was removed from Dell’s network, our investigations found no conclusive evidence that any was extracted.

The company made the decision to reset Dell.com customer passwords as a countermeasure to protect customer accounts.

Additionally, Dell cybersecurity measures are in place to limit the impact of any potential exposure. These include the hashing of our customers’ passwords and a mandatory Dell.com password reset.

Dell initiated an investigation and implemented countermeasures when it detected the attempted extraction of customer data. The company engaged law enforcement and "retained a digital forensics firm to conduct an independent investigation".

Dell published a customer update on the company website that offers additional information. Dell became aware of the incident happened on November 9, 2018.

The page offers password changing tips. Dell suggests that users use a password that has at least 8 characters that are a mix of uppercase, lowercase, and numbers. Customers should not use words that can be associated with them next to that.

Dell furthermore asks customers to change passwords on other sites as well if the same password is used on these sites.

While Dell reset the customer password to invalidate it, if hackers managed to obtain data, they could theoretically try email and password combinations on other popular sites.  Many computer users re-use passwords on sites instead of using unique passwords.

Summary
Dell resets customer passwords after security incident
Article Name
Dell resets customer passwords after security incident
Description
Dell confirmed in a press release published on November 28, 2018 that it detected and blocked unauthorized activity on its company network.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Tony DiBenedetto said on November 30, 2018 at 9:03 pm
    Reply

    I just logged into my Dell.com account, using the password I’ve had for many years (yeah, I know).

    There was no mention of this breach and no requirement to change passwords. Their announcement doesn’t seem to indicate that only some customers are affected so I have no idea why I was able to log in as normal.

  2. John said on November 30, 2018 at 11:17 pm
    Reply

    I got this email the other day and thought I would just close out my Dell user account. Turns out Dell really doesn’t have a option to do so in account settings. You can’t delete it, and when I asked CS at Dell they couldn’t do it either. At least I give Dell a plus for taking action better than many who have waited months to disclose a breach. But still would be nice to just have a option to delete the account altogether to be safe.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.