Dell Admits Potential Breach in Early November

Dell has admitted suffering a potential breach after detecting suspicious activity on its network in early November.

The computer giant claimed it “detected and disrupted” the attackers, who were trying to access customer data from the Dell.com e-commerce platform. Affected information was apparently limited to the names, email addresses and hashed passwords of an undisclosed number of users.

“Though it is possible some of this information was removed from Dell’s network, our investigations found no conclusive evidence that any was extracted,” it continued.

“Additionally, Dell cybersecurity measures are in place to limit the impact of any potential exposure. These include the hashing of our customers’ passwords and a mandatory Dell.com password reset. Credit card and other sensitive customer information was not targeted. The incident did not impact any Dell products or services.”

The firm said it “immediately implemented countermeasures and initiated an investigation” after the incident was discovered on November 9. Passwords were reset five days later, but that still left a long gap before customers were notified.

This could be bad news for those affected unless the firm had employed particularly sophisticated hashing on its passwords, according to Sumit Agarwal, co-founder of Shape Security. He warned that readily available brute-force tools can enable hackers to recover plaintext credentials from hashes.

“In security circles, email and hashed passwords are also known as the keys to the kingdom in terms of giving criminals full access to other accounts belonging to a given user who may have re-used those credentials elsewhere,” he added.

“It is highly likely that criminals will be able to discover at least some of the stolen passwords, unless Dell had in place particularly sophisticated hashing techniques. Historically, this has not been the case for many companies who were similarly breached, which is why more than 10 million username/password pairs per day were stolen, on average, throughout 2017.”