Dell: Your Personal Info May, or May Not, Have Been Stolen

It appears attackers attempted to penetrate Dells network in early November. While the company does not believe any personal data was taken, Dell cannot guarantee no one was compromised.

Dell is investigating whether attackers managed to steal customer data after an unknown person or group penetrated the companys network, including the consumer-facing Dell.com site.
On November 28,
Dell issued a statement
that it security team was investigating a possible attack against the companys network. It appears names, email address and hashed passwords were compromised, but its unclear if any of that information was removed.
However, attackers did not gain access to payment information, such as credit card numbers and other sensitive data. The companys other sites, including EMC and other enterprise divisions, were also not affected.
The security breach happened on November 9.
(Source:
Wikipedia
)

Since then, Dell conducted a forensic security audit of the breach and its site, and while the vendor does not believe any data was compromised, it cant guarantee that.
Though it is possible some of this information was removed from Dells network, our investigations found no conclusive evidence that any was extracted, according to a statement.
As a precaution, however, Dell plans to have all Dell.com customers reset their passwords and will hash those passwords as well. The company also is working with law enforcement to investigate the potential breach. In addition Dell established a
website
for affected customers.
What makes this particular breach of concern is that Dell is one of the worlds largest suppliers of consumer and enterprise technology, and yet attackers could compromise the network -- whether or not any personal data was stolen.
Of course (and sadly), Dell is not the only enterprise facing these types of questions.
In the past two months, Facebook and
Google
have each been forced to respond to network breaches that exposed user information and data. In the case of Facebook, it does appear some data was taken. (See
Facebook Revises Data Breach Number Down to 30M Users
.)
Additionally, companies like British Airways now offer more information about various data breaches and attacks in order to comply with new laws and regulations. In this case, the airline might be one of the first large-scale tests of the European Unions General Data Protection Regulation (GDPR). (See
British Airways Already Facing Lawsuits Following Data Breach
.)
Related posts:
Ransomware, New Privacy Laws Are Top Security Concerns for 2019
UK & Dutch Authorities Slap Uber With Fines Over 2016 Data Breach
HSBC Data Breach Shows Failure to Protect Passwords & Access Controls
Your People Cant Secure Your Network? Try Tier 0 Automation
— Scott Ferguson is the managing editor of Light Reading and the editor of
Security Now
. Follow him on Twitter
@sferguson_LR
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Dell: Your Personal Info May, or May Not, Have Been Stolen