Dell detects data breach, informs customers after a month

It took Dell almost a full month to inform its customers that their information was stolen following a security incident which occurred on November 9, 2018, reads a notice on the computer company’s website. The company reset customer passwords without informing them early on that their data may have been compromised.

According to their statement, unauthorized activity was detected on its infrastructure with clear intent to steal customer data. The data breach may have affected some data on the company’s network such as names, emails and hashed passwords of online customer accounts, but no strong evidence confirms that malicious actors actually obtained the desired data. Dell assures customers that credit card and sensitive customer information was not leaked and their products and services were not affected.

Dell immediately tried to contain the incident and reduce exposure by hashing customer passwords and resetting passwords.

“Upon detection of the attempted extraction, Dell immediately implemented countermeasures and initiated an investigation. Dell also retained a digital forensics firm to conduct an independent investigation and has engaged law enforcement.”

An independent investigation was started and law enforcement was informed about the breach. All Dell customers are strongly encouraged to urgently change their passwords and, in case they have a universal password they reuse, immediately change it for all accounts in question.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Luana Pascu. Read the original post at: