Posted by Texas, US – Mumbai, India: Dell Inc. a part of Dell Technologies on Wednesday said that earlier this month it had discovered unauthorized activities from hackers on its network attempting to extract Dell.com customer information.
“Dell is announcing that on November 9, 2018, it detected and disrupted unauthorized activity on its network attempting to extract Dell.com customer information, which was limited to names, email addresses and hashed passwords,” the company said in a statement.
“Though it is possible some of this information was removed from Dell’s network, our investigations found no conclusive evidence that any was extracted. Additionally, Dell cybersecurity measures are in place to limit the impact of any potential exposure,” Dell further said.
Following this, Dell asked its customers to change and reset password for its online store portal – Dell.com
Interestingly, the company has claimed that credit card and other sensitive information were not targeted and the incident did not impact any products or services.
More so, Dell also informed that it immediately took countermeasures, initiated an investigation and asked a digital forensics firm to conduct an independent investigation and engage with law enforcement authority.
Probably, this does imply that there was actually a hacking incident that breached Dell’s cybersecurity. From a security expert’s perspective, there are some pertinent questions and contradictions that the company needs to answer and clarify.
While Dell called this as ‘potential cybersecurity incident’ but then how it concluded that the unauthorized access on its network was limited to customers names, email addresses and hashed password and not their credit card and other sensitive information?
Dell hasn’t given any concrete evidence behind its conclusion that hackers had looked for customer details and not their credit cards and other information.
Secondly, if Dell was able to detect and disrupt this attempted hacking incident as per the statement, then why a digital forensics firm has been hired to conduct the investigation? Does it mean the scale of this cyberattack incident could be bigger than what Dell has said.
So far, the company has not disclosed how many of the Dell.com customers have been impacted because of this hacking incident.