D-Link, a networking solutions provider, has acknowledged that it was the target of a cyberattack, but is minimizing the extent of the damage. The breach came to light after a post on a hacking forum claimed to be selling 3 million lines of customer information and D-View source code for $500. D-Link confirmed that it became aware of the incident on October 2 and, with the assistance of investigators from Trend Micro, determined that the actual number of stolen records was around 700, significantly fewer than the originally claimed total.
According to D-Link, the data was not stolen from the cloud as some had suggested, but originated from a test lab environment of an outdated D-View 6 system. The breach was the result of a phishing attack on an employee. While no evidence suggests that the compromised data contained user IDs or financial information, low-sensitivity information such as contact names and office email addresses may have been exposed.
D-Link also believes that some of the leaked data, including last login timestamps, was manipulated to make it appear more recent than it actually was. However, the company’s disclosure fails to address allegations made by the cybercriminals that the stolen data included details on Taiwan government officials and D-Link staff.
D-Link has taken immediate steps to address the breach. It shut down the affected servers, blocked all accounts except for two used in the investigation, and took the test lab offline. The company plans to conduct regular audits of outdated data and delete it if necessary to prevent similar incidents in the future. D-Link expressed regret over the breach and is committed to enhancing the security of its operations.
It is worth noting that most of D-Link’s current users are believed to be unaffected by the incident. However, clarification regarding the alleged involvement of Taiwan government officials and D-Link staff has not yet been provided by the company.
Sources:
D-Link Statement on the Recent Data Breach
The Register: D-Link admits company-wide systems breach and data theft from ISP customers