Dell Announces Potential Cybersecurity Incident November 29 2018 You may have read about a cybersecurity incident involving Dell.com. As your technology compass and a Dell certified partner, ACS wants to be sure you know the facts and where to go for more information. Summary of what Happened On November 9, 2018, Dell detected and disrupted unauthorized activity on their network that attempted to extract Dell.com customer information, limited to names, email addresses and hashed passwords. According to a statement by Dell, upon detection, Dell immediately implemented countermeasures and began an investigation. Dell also retained a digital forensics firm to conduct an independent investigation and engaged law enforcement. Through that investigation, they found no conclusive evidence that any customer information was taken. Furthermore, there is no indication that any credit card or other sensitive customer information was targeted. Dell has cybersecurity measures in place that limit the impact of any potential exposure, including the hashing of customers’ passwords. Out of an abundance of caution, Dell proactively reset Dell.com customers’ passwords to further protect customers and their accounts. No Dell products or services were affected. For more information on this incident, please review the official Dell page dedicated to providing information and updates at www.dell.com/customerupdate. Best Practices Cybersecurity and superior service to our clients are ACS’ top priorities. ACS has safeguards in place to mitigate the impact of cyber events like the one detailed above. Below are a few steps you can take now to secure your organization. 1. Use Strong Passwords: ACS recommends using a “passphrase” vs. a password. Passphrases utilize capital letters, special characters, and numbers to create a strong and memorable login credential. Example: Use a song lyric, removing the spaces between words. The lyrics “It was the summer of 69” from the Song “Summer of 69” could transform into the passphrase: ItWasTheSummerOf69! 2. Educate Employees: Employees can either be your biggest strength or your biggest weakness when it comes to cybersecurity. Educating users with a program that includes informational material, quizzes, reporting, and periodic cyber-attack simulation emails ensure they retain the information. Sending simulation attack emails not only allows the user to recognize malicious tactics, but it also provides the organization information on who within the organization needs more training. 3. Ensure Software is Updated: Cybercriminals often target outdated or unpatched software. Manufacturers routinely distribute patches and updates for their software to ensure the security and resilience of the platform. When organizations don’t implement these fixes, they leave the back-door open for intruders. Close the gaps by routinely updating all systems. This includes updating any internet-enabled devices such as printers, smart thermostats, and smart coffee makers. As your trusted technology advisor, ACS is here to help you with all your technology needs and challenges. Speak with our experts today to identify areas of improvement in your cybersecurity strategy.