In two separate cybersecurity incidents, involving Dell and Dunkin’ Donuts, it was revealed that customers’ information might have been stolen by hackers.
Dell.com faces cybersecurity incident
Dell, the American multinational computer technology company, came out with a release on its website admitting that it was hit by a potential cybersecurity hack which it warded off successfully.
The update states,
On November 9, 2018, Dell detected and disrupted unauthorized activity on our network that attempted to extract Dell.com customer information, limited to names, email addresses and hashed passwords. Upon detection, we immediately implemented countermeasures and began an investigation. We also retained a digital forensics firm to conduct an independent investigation and engaged law enforcement.
Initially, Dell mentioned that it found no proof that any customer information was stolen, but a separate press release by the company on its website now says that,
Though it is possible some of this information was removed from Dell’s network, our investigations found no conclusive evidence that any was extracted.
Though with not 100% assurance, Dell still says that there is no indication that any credit card or other sensitive customer information was targeted and it has cybersecurity measures in place that limit the impact of any potential exposure, including the hashing of customers’ passwords. As a security measure, it has also reset Dell.com customers’ passwords to further protect customers and their accounts.
Dunkin Donuts faces a credential stuffing attack
Meanwhile, Dunkin’ Donuts, American multinational quick service restaurant chain based in Canton, Massachusetts, also reported a similar cybersecurity incident like Dell. The company said it discovered a recent Cybersecurity breach in which hackers may have retrieved the names and email addresses of customers signed up for the chain’s DD Perks mobile app.
The security update from Dunkin released this Wednesday read,
Although Dunkin’ did not experience a data security breach involving its internal systems, we’ve been informed that third-parties obtained usernames and passwords through other companies’ security breaches and used this information to log into some Dunkin’ DD Perks accounts. One of these may have been your account and we want you to know what happened, as well as the steps we are taking to protect your personal information.
Dunkin says that it has already alerted DD Perks program holders who may have been affected forcing a password reset. It has also notified customers to use unique passwords and not to reuse their DD Perks passwords for other online accounts.