Computer manufacturer Dell has revealed that earlier this month it discovered that hackers had breached its security and were attempting to access customer details – including names, email addresses, and hashed passwords.
Affected sites are said to include Dell.com, Premier, Global Portal and support.dell.com (‘Esupport’), but it’s important to note that there is no reason to believe that customers’ financial information has been accessed.
On November 9, 2018, Dell detected and disrupted unauthorized activity on our network that attempted to extract Dell.com customer information, limited to names, email addresses and hashed passwords. Upon detection, we immediately implemented countermeasures and began an investigation. We also retained a digital forensics firm to conduct an independent investigation and engaged law enforcement.
The attack, which is said to have been spotted on Friday November 9, 2018, is said to have been “disrupted” by Dell’s security team. Nonetheless, as Reuters reports, when Dell reset customers’ passwords five days later “out of an abundance of caution” it did not reveal that it was taking the step because it had been targeted by hackers.
What also needs to be communicated is the importance of ensuring that you never reuse the same password on multiple websites. If a hacker were able to steal a password from one breached website then one of the first things they will try to do is use that very same password on other websites in an attempt to unlock your other online accounts.
One of the best pieces of advice I can give you is to always use strong, unique passwords and to store them safely inside a password manager program.
To learn more about password security you can do a lot worse than listen to this episode of the “Smashing Security” podcast:
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.