Technology

Dell reveals ‘unauthorized’ attempt to extract customer passwords

“Though it is possible some of this information was removed from Dell’s network, our investigations found no conclusive evidence that any was extracted,” Dell said.

By Sean Lyngaas

November 28, 2018

Earlier this month, Dell detected and thwarted “unauthorized activity” on its network that was an attempt to extract customer names, email addresses, and hashed passwords from Dell.com, the computing giant announced Wednesday.

“Though it is possible some of this information was removed from Dell’s network, our investigations found no conclusive evidence that any was extracted,” Dell said in a statement.

The attempted extraction occurred Nov. 9.

The Round Rock, Texas, company said protections liked hashed passwords and mandatory password resets would limit the impact of any potential exposure. Hashing is the application of an algorithm that allows a web service to store an encrypted version of a password without storing the password itself.

“Credit card and other sensitive customer information was not targeted,” and the incident did not impact any Dell products or services, the statement said.

Dell said it had contacted law enforcement about the incident and hired a cybersecurity firm to do an independent investigation.