Dell disclosed a digital security incident in which unauthorized individuals targeted some pieces of customer information.
On 28 November, the American multinational computer technology company announced that it had detected a security incident earlier in the month. The event consisted of unauthorized activity on Dell.com, Premier, Global Portal and support.dell.com (‘Esupport’). Other parts of the company’s network weren’t affected.
In the incident, unknown individuals attempted to steal customer information including names, email addresses and passwords protected by a hashing system which the company said was previously tested and validated by security experts. It explained in a customer update that it responded by notifying law enforcement, hiring a third-party digital forensics firm and launching its own internal investigation into what happened. Together, these reviews revealed no evidence of the attackers having removed customer data from the network.
The company also implemented countermeasures to prevent a similar event from happening in the future. Specifically, it implemented a mandatory Dell.com password reset. The company then advised customers to choose a unique password that doesn’t include family names or addresses. To help them even further, it recommended that users create a sentence about their life and use the first letter/number of each word and use the combined result for their password.
Additional guidance on how to create a strong password can be found here.
The computer firm said it will continue to strengthen its information security measures going forward. As quoted in a press release:
In this age of highly sophisticated information security threats, Dell is committed to doing all it can to protect customers’ information. This includes encouraging customers to change passwords for other accounts if they use the same password for their Dell.com account. Dell will continue to invest in its information technology networks and (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/dell-discloses-digital-security-event-involving-customer-information/