Dell Systems Hacked to Steal Customer Information
(Nov 29, 2018)
The US-based computer technology company “Dell,” has confirmed that unknown threat actors managed to gain unauthorized access to its network. Dell detected this unauthorized activity on November 9, 2018 and discovered that actors were attempting to steal dell[.]com information consisting of email addresses, hashed passwords, and names. As of this writing, Dell has not found any “conclusive evidence” that data, including credit card information, was stolen.
Recommendation: Dell has reset all dell[.]com user passwords as a proactive measure so users will be prompted to create a new password upon attempting to login. Breaches of this sort serve as a reminder of the importance not to reuse the same password for multiple accounts because one breach could then have the potential to affect other accounts that might hold sensitive information. Healthy passwords requirements are paramount for all online accounts because of automatic tools, often free and open source, can be used to brute force attack weak passwords.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.