UPDATED 22:12 EDT / NOVEMBER 29 2018

SECURITY

Dell resets user passwords after a hacking attempt earlier this month

Dell Inc. has reset all customer passwords in response to a hacking attempt on Nov. 9.

In a statement Wednesday, Dell said it had detected and disrupted unauthorized activity on its network attempting to extract Dell.com customer information, which was limited to names, email addresses and hashed passwords.

Playing it safe, the computer systems maker added that “though it is possible some… information was removed from Dell’s network, our investigations found no conclusive evidence that any was extracted.” The form of the attack was not disclosed.

Stephen Moore, chief security strategist at Exabeam Inc., told SiliconANGLE that large organizations — especially ones the size of Dell — are usually responsible for massive amounts of data.

“All of that data gives attackers more places to hide,” Moore explained. “For example, hackers can enter a network through a less sensitive — and thus less monitored — vector such as an unprotected cloud server, an IoT device or a shared employee laptop. They can then move laterally from that single device to access critical resources spread across the organization.”

For that reason, he added, organizations must shift their enterprise security strategy. “Network security simply isn’t enough,” Moore said. “The key is to move fast and consider an approach that is closely aligned with monitoring user behavior — to provide the necessary visibility needed to restore trust, and react in real time, to protect customer data. This should include the ability to detect, using behavioral characteristics, when events have occurred.”

Matan Or-El, chief executive officer of Panorays Inc., noted that cybercriminals will repeatedly pummel websites, probing for a way to get in, especially with large companies such as Dell.

“While Dell took immediate action once the unauthorized activity was detected, it still took almost 21 days to let customers know that they needed to change their passwords,” Or-El said. “New data privacy laws going into effect will start to force companies to report incidents like these in 72 hours, so that consumers can mitigate the impact to their personal information or credit cards.”

Photo: Editor at Large/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.