Dell EMC is warning its Dell.com customers of unauthorized activity on its network that occurred on Nov. 9 when it believes adversaries attempted to access names, email addresses and hashed passwords. In response, the company said that it has reset all Dell.com customer passwords.
Dell said that there is currently no “conclusive” evidence that intruders were successful and that data was extracted.
“On November 9, 2018, Dell detected and disrupted unauthorized activity on our network that attempted to extract Dell.com customer information, limited to names, email addresses and hashed passwords,” the company said in a Wednesday statement on its website.
Dell.com is primarily utilized by customers who have purchased or want to purchase Dell products, view services, or access support.
“Upon detection, we immediately implemented countermeasures and began an investigation,” Dell said. “We also retained a digital forensics firm to conduct an independent investigation and engaged law enforcement.”
There is no indication of any credit card or other sensitive customer information being targeted, and the incident did not impact Dell products or services, the company said.
The company did not say how the hackers were able to breach its network. It did not respond to a request for comment from Threatpost.
For Dell.com customers, the company stressed the need for creating secure passwords.
“While we continue to do all that we can, please change your password the next time you log-in to Dell.com if prompted to do so (you will be prompted if you haven’t changed it recently),” said Dell in its advisory. “And if you use the same or similar passwords on other online services, we recommend you also set new passwords for those accounts.”
Threatpost will continue to update this story as more information becomes available.