Dell Inc said on Wednesday that it reset passwords for all accounts on its Dell.com online electronics store on Nov. 14, five days after it discovered and stopped hackers who were attempting to steal customer data.
The company said that on November 9, 2018, it detected and disrupted unauthorized activity on its network attempting to extract Dell.com customer information, which was limited to names, email addresses and hashed passwords. Though it is possible some of this information was removed from Dell’s network, Dell said it investigations found no conclusive evidence that any was extracted. Additionally, Dell said its cybersecurity measures are in place to limit the impact of any potential exposure. These include the hashing of Dell's customers’ passwords and a mandatory Dell.com password reset. The primary online services that were affected by the password reset include Dell.com, Premier, Global Portal and support.dell.com (‘Esupport’). Credit card and other sensitive customer information was not targeted. The incident did not impact any Dell products or services.
Upon detection of the attempted extraction, Dell immediately implemented countermeasures and initiated an investigation. Dell also retained a digital forensics firm to conduct an independent investigation and has engaged law enforcement.
Companies come under increasing scrutiny from regulators worldwide to provide quick and accurate disclosure of customer data theft. The European Union implemented strict new privacy regulations in May that punish violators with fines of up to 20 million euros, or 4 percent of global revenue, whichever is higher.