Dell changes every user's password after cyber attack that could have leaked data

Dell has changed every single one of its user passwords on its store, after a major cyber attack.

The company said that it had found and stopped hackers who were trying to break into its systems. But it would change the passwords to ensure that all data was safe, it said.

The company has been criticised for being slow in informing users of the change and the potential breach. The reset happened on 14 November, five days after the hackers were discovered, and users were only informed this week.

Customers were not told about the hack or the reset passwords until it chose to disclose the entire hack.

Dell said in a statement that on 9 November the company detected and stopped hackers who had breached its network and were attempting to steal customer data. Investigators found no evidence that the hackers succeeded, but have not ruled out the possibility that they did steal some data, the company said.

They only sought customer names, email addresses and scrambled passwords, Dell said.

The breach occurred as companies come under increasing scrutiny from regulators worldwide to provide quick and accurate disclosure of customer data theft. The European Union implemented strict new privacy regulations in May that punish violators with fines of up to 20 million euros ($23 million), or 4 percent of global revenue, whichever is higher.

Dell determined that there were no regulatory or legal requirements that it disclose the incident, but decided to come forward "with customer trust in mind," according to the source.

Dell declined to say how many accounts were affected, but did say that payment information and Social Security numbers were not targeted.

Dell said it reported the matter to law enforcement. Representatives with the Federal Bureau of Investigation could not immediately be reached for comment.

Additional reporting by Reuters