Dell announced today that they detected attackers in their systems on November 9th 2018 who were attempting to extract customer information from the Dell.com, Premier, Global Portal and support.dell.com sites.
According to Dell's breach notification, they detected unauthorized users in their systems on November 9th 2018. These attackers were trying to retrieve customers information from Dell.com accounts that included names, email addresses, and hashed passwords.
"On November 9, 2018, Dell detected and disrupted unauthorized activity on our network that attempted to extract Dell.com customer information, limited to names, email addresses and hashed passwords," stated Dell's security disclosure. "Upon detection, we immediately implemented countermeasures and began an investigation. We also retained a digital forensics firm to conduct an independent investigation and engaged law enforcement."
While their investigation did not reveal that any information was stolen, Dell decided to perform a mandatory reset on all Dell.com accounts. These password resets will occur when the user next logs in.
"Our investigations found no conclusive evidence your Dell.com customer information was extracted, and Dell cybersecurity measures are in place to limit the impact of any potential exposure. Credit card and other sensitive customer information was not targeted," Dell explained in their disclosure.
Even though Dell has stated that they do not see evidence of any data being stolen, it is important that all users change their passwords at other sites that used the same password on Dell.com. Users should also be vigilant and monitor their credit reports and credit card statements in the event that the attackers did indeed have access to financial information.