The big picture: Dell is downplaying the impact of a recent cybersecurity incident in which attackers attempted to extract Dell.com customer data. Without specifics - which Dell isn't sharing - it's virtually impossible to gauge the scope of the attack. Either way, it's another opportunity to reassess personal password practices if you haven't done so in a while.

Dell recently revealed that on November 9, it detected and thwarted a cyber attack targeting Dell.com customer information.

The bad actors attempted to steal names, e-mail addresses and hashed passwords. Although it is possible that the attackers got away with some information, Dell said they have found no evidence to suggest any information was extracted.

Payment information was not targeted, we’re told.

Dell said once the threat was detected, it deployed countermeasures and initiated an investigation. A digital forensics team was also brought in to conduct an independent investigation and law enforcement has been notified. The company did not say how many accounts were potentially at risk but instead offered the following statement on the matter to Digital Trends:

Since this is a voluntary disclosure, and there is no conclusive evidence that customer account information was extracted, it would not be prudent to publish potential numbers when there may be none.

Shortly after the breach, Dell performed a global reset of all Dell.com customer passwords and is requiring a multi-step authentication process prior to users being able to regain access to their accounts.

If you haven't already done so, now would be a good opportunity to eradicate and duplicate passwords or perhaps even adopt a password manager.

 

source