Dell data breach – IT giant Dell disclosed a data breach, the company confirmed it has detected an intrusion in its systems on November 9th 2018.
Attackers were trying to exfiltrate customer data (i.e. names, email addresses, and hashed passwords) from the company portal Dell.com, from support.dell.com websites.
Wednesday that its online electronics marketplace experienced a “cybersecurity incident” earlier this month when an unknown group of hackers infiltrated its internal network.
As a precautionary measure, Dell forced reset passwords for all accounts on Dell.com website, the company also announced additional measures to mitigate potential effects of the incident.
At the time it is still unclear if hackers succeeded in stealing customer information, the investigation is still ongoing and Dell hasn’t shared any technical details on the intrusion. Dell hired a digital forensics firm to conduct an investigation and reported the incident to law enforcement.
“On November 9, 2018, Dell detected and disrupted unauthorized activity on our network that attempted to extract Dell.com customer information, limited to names, email addresses and hashed passwords,” read the data breach notification published by Dell.
“Upon detection, we immediately implemented countermeasures and began an investigation. We also retained a digital forensics firm to conduct an independent investigation and engaged law enforcement.”
The tech firm confirmed that payment information and Social Security numbers were not exposed due to the security breach.
“Credit card and other sensitive customer information was not targeted. The incident did not impact any Dell products or services.” continues Dell.
Upon detection of the attempted extraction, Dell immediately implemented countermeasures and initiated an investigation.”
Customers having a Dell account or that contacted the online support can find more information on a dedicated web page Dell established at www.dell.com/customerupdate.
Customers need to change passwords for any other account on other services if they use the same password for their Dell.com account.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.