D-Link, the global networking equipment and technology company, recently confirmed a data breach following a threat actor’s attempt to sell stolen data on the BreachForums platform. The incident came to the company’s attention on October 2, 2023, prompting an immediate investigation in collaboration with the cybersecurity firm Trend Micro.
The breach, originating from an old D-View 6 system that reached its end of life in 2015, involved the compromise of 3 million lines of customer information and the source code for D-Link’s D-View network management software. The stolen data encompassed details such as names, emails, addresses, phone numbers, registration dates, and last sign-in dates, impacting Taiwanese government officials, CEOs, and D-Link employees. The investigation revealed that the breach resulted from a phishing attack targeting an employee, leading to unauthorized access to long-unused and outdated data. D-Link promptly responded by shutting down relevant servers, emphasizing that the stolen records, approximately 700 in number, were fragmented and inactive for at least seven years.
The compromised data originated from a product registration system that had become obsolete in 2015. Despite the alarming claims made by the threat actor, D-Link assured customers that the majority of the exposed information was low-sensitivity and semi-public, with no evidence suggesting the inclusion of user IDs or financial details. Consequently, the company expressed confidence that most of its current customers were unlikely to be affected by the breach.
References:
