Dell released a statement on Wednesday that says the computer giant reset passwords for all accounts on the Dell.com online electronics store on Nov. 14.
That was a full 5 days after they discovered and reportedly thwarted hackers who were trying to steal customer data.
Not the kind of news you want leading up to the holiday electronics shopping season.
Dell did not tell its customers about the attack when it forced the password resets 5 days after the attack, according to reports.
The only data the hackers attempted to access, according to Dell today, was customer names, email addresses and scrambled passwords.
Dell said in a statement that on Nov. 9 the company detected and stopped hackers who had breached its network and were attempting to steal customer data. Investigators found no evidence that the hackers succeeded, but have not ruled out the possibility that they did steal some data, the company said.
They only sought customer names, email addresses and scrambled passwords, Dell said.
The breach occurred as companies come under increasing scrutiny from regulators worldwide to provide quick and accurate disclosure of customer data theft. The European Union implemented strict new privacy regulations in May that punish violators with fines of up to 20 million euros ($23 million), or 4 percent of global revenue, whichever is higher.
Dell determined that there were no regulatory or legal requirements that it disclose the incident, but decided to come forward “with customer trust in mind,” according to the source.
Dell declined to say how many accounts were affected, but did say that payment information and Social Security numbers were not targeted.
Dell said it reported the matter to law enforcement.
Representatives with the Federal Bureau of Investigation could not immediately be reached for comment.
PHOTO: Dell logos are seen at its headquarters in Cyberjaya, outside Kuala Lumpur in this September 4, 2013 file photo. REUTERS/Bazuki Muhammad/Files