Dell resets customer passwords following cyber attack

The company has just issued a statement with more detail regarding the incident

Dell has confirmed that it detected and stopped unauthorised activity on its network which attempted to extract data from customers including names, email addresses and hashed passwords.

The situation resulted in Dell carrying out a forced password reset for customers. But Dell did this on 14 November some five days after discovering the hack attempt on 9 November, meaning customers were potentially left in the dark about the risk posed to their personal data. 

However, the tech giant was keen to assure its customers that following an internal investigation, no information was extracted. That said, it did add that it might be possible that some information had been removed from Dell's servers.

Dell confidently says that no credit card or other sensitive information was extracted from the network, nor did it impact any of its products or services.

"Upon detection of the attempted extraction, Dell immediately implemented countermeasures and initiated an investigation," Dell said in its statement. "Dell also retained a digital forensics firm to conduct an independent investigation and has engaged law enforcement."

"In this age of highly sophisticated information security threats, Dell is committed to doing all it can to protect customers' information," Dell added. "This includes encouraging customers to change passwords for other accounts if they use the same password for their Dell.com account. Dell will continue to invest in its information technology networks and security to detect and prevent the risk of unauthorised activity."

IT Pro has approached Dell for comment over a Reuters report alleging that the company failed to tell customers of what happened when it forced the password resets but had not received comment at the time of publication. 

This is particularly significant because, following GDPR, firms are facing stricter regulations regarding data breaches. Companies are required to tell its customers quickly and accurately about the details of any data breach which would affect them, or risk fines that could rise into the millions.

Featured Resources

Five lessons learned from the pivot to a distributed workforce

Delivering continuity and scale with a remote work strategy

Download now

Connected experiences in a digital transformation

Enable businesses to meet the demands of the future

Download now

Simplify to secure

Reduce complexity by integrating your security ecosystem

Download now

Enhance the safety and security of your people, assets and operations

Enable a true vision of security with an engineered solution based on hyperconverged and storage platforms

Download now

Recommended

'Largest ever' Magecart hack compromises 2,000 online stores
hacking

'Largest ever' Magecart hack compromises 2,000 online stores

15 Sep 2020
Infocyte integrates with Palo Alto Networks Cortex XSOAR
cyber security

Infocyte integrates with Palo Alto Networks Cortex XSOAR

19 Aug 2020
Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020

Most Popular

Accenture ploughs $3 billion into cloud migration support group
digital transformation

Accenture ploughs $3 billion into cloud migration support group

17 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
Google takes on Zoom with launch of Meet hardware
video conferencing

Google takes on Zoom with launch of Meet hardware

16 Sep 2020