On Wednesday, Dell announced that it had discovered a security breach on November 9th. This breach tried to extract Dell’s customer information including names, email addresses, and hashed passwords.
The company said, “Though it is possible some of this information was removed from Dell’s network, our investigations found no conclusive evidence that any was extracted. Additionally, Dell cybersecurity measures are in place to limit the impact of any potential exposure.”
According to Dell’s press release, “Upon detection of the attempted extraction, Dell immediately implemented countermeasures and initiated an investigation. Dell also retained a digital forensics firm to conduct an independent investigation and has engaged law enforcement.”
The company also did not go into detail about the hashing algorithms it uses. However, algorithms such as MD5 can be cracked within seconds to reveal the plaintext password. “Credit card and other sensitive customer information were not targeted. The incident did not impact any Dell products or services”, the company said.
According to a customer review on Hacker News thread, “Dell ‘hashes’ all Dell.com customer account passwords prior to storing them in our database using a hashing algorithm that has been tested and validated by an expert third-party firm. This security measure limits the risk of customers’ passwords being revealed if a hashed version of their password were to ever be taken.”
According to ZDNet, “Dell said it’s still investigating the incident, but said the breach wasn’t extensive, with the company’s engineers detecting the intrusion on the same day it happened. A Dell spokesperson declined to give out a number of affected accounts, saying “it would be imprudent to publish potential numbers when there may be none.”
While resetting passwords is a safer option, the users should also keep a check on their card statements if they have saved some financial or legal information in their accounts.
European Consumer groups accuse Google of tracking its users’ location, calls it breach of GDPR
I remember deciding to pursue my first IT certification, the CompTIA A+. I had signed…
Key takeaways The transformer architecture has proved to be revolutionary in outperforming the classical RNN…
Once we learn how to deploy an Ubuntu server, how to manage users, and how…
Key-takeaways: Clean code isn’t just a nice thing to have or a luxury in software projects; it's a necessity. If we…
While developing a web application, or setting dynamic pages and meta tags we need to deal with…
Software architecture is one of the most discussed topics in the software industry today, and…