Dell announced on Wednesday that it had detected an unauthorized attempt to extract customer information from Dell[.]com earlier this month.
The company said the breach was attempted on November 9, but it managed to stop the hackers who were trying to steal customer data. The intruders tried to extract customer information such as customer names, email addresses, and hashed passwords.
Dell also revealed that a password reset was initiated for all customer accounts on Dell[.]com online electronics store on November 14 for security purposes.
While the company didn’t discuss the complexity of the password-hashing algorithms used to protect them, some of them — such as MD5 can be broken within seconds to reveal the plaintext password.
Dell said in a press release that the “investigations found no conclusive evidence that any information was extracted.”
Apparently, the hackers didn’t target payment cards or other sensitive customer information. Neither did it cause any disruption in its normal services during the breach or after that.
The company says the incident is still being investigated, but the breach wasn’t an extensive one as their engineers detected the intrusion on the same day. However, the company declined to put a number on the affected accounts.
Even though Dell has tried to downplay the impact of the incident, customers should keep in mind that breached companies generally amend the initial revelations as the investigation continues.
So Dell[.]com users should reset their passwords if they haven’t and manually review what information they’ve stored in their accounts and keep an eye on their saved cards.