Dell suffers security breach, reset customer passwords (but didn’t tell customers why until now)

Make sure you use unique passwords for different websites.

Graham Cluley

Dell suffers security breach, resets customer passwords

Computer manufacturer Dell has revealed that earlier this month it discovered that hackers had breached its security and were attempting to access customer details – including names, email addresses, and hashed passwords.

Affected sites are said to include, Premier, Global Portal and (‘Esupport’), but it’s important to note that there is no reason to believe that customers’ financial information has been accessed.

Dell statement

EmailSign up to our newsletter
Security news, advice, and tips.

On November 9, 2018, Dell detected and disrupted unauthorized activity on our network that attempted to extract customer information, limited to names, email addresses and hashed passwords. Upon detection, we immediately implemented countermeasures and began an investigation. We also retained a digital forensics firm to conduct an independent investigation and engaged law enforcement.

The attack, which is said to have been spotted on Friday November 9, 2018, is said to have been “disrupted” by Dell’s security team. Nonetheless, as Reuters reports, when Dell reset customers’ passwords five days later “out of an abundance of caution” it did not reveal that it was taking the step because it had been targeted by hackers.

What also needs to be communicated is the importance of ensuring that you never reuse the same password on multiple websites. If a hacker were able to steal a password from one breached website then one of the first things they will try to do is use that very same password on other websites in an attempt to unlock your other online accounts.

One of the best pieces of advice I can give you is to always use strong, unique passwords and to store them safely inside a password manager program.

To learn more about password security you can do a lot worse than listen to this episode of the “Smashing Security” podcast:

Smashing Security #099: 'Passwords - A Smashing Security splinter (replay)'

Listen on Apple Podcasts | Google Podcasts | Pocket Casts | Spotify | Other... | RSS
More episodes...

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.