D-Link confirmed the fact of the leakage of data of employees and customers

D-Link confirmed the fact of the leakage of data of employees and customers

Taiwanese company D-Link has confirmed the data leak from its network, which was put up for sale on BreachForums in early October. The attacker stole the source code of the D-View network management software, as well as millions of records containing personal information of customers and employees.

The stolen data is likely to include names, emails, addresses, phone numbers, account registration dates, and user last login dates.

The attacker published samples of 45 stolen records that date back to 2012-2013. According to him, he has at his disposal 3 million lines of information extracted from the D-Link internal network. The directory also includes information on a number of Taiwanese officials and company executives.

The data has been available for purchase on BreachForums since October 1st. The attacker valued the stolen customer information and alleged D-View source code at $500.

The security breach occurred because a D-Link employee fell victim to a phishing attack, the company said. In response to the hack, the manufacturer immediately disabled the potentially compromised servers and user accounts, except for the two used during the investigation.

D-Link confirmed that an attacker gained access to the product registration system in a “test lab environment” running on an outdated D-View 6 with an expiration date of 2015.

The company said that the compromised system contained about 700 records, despite the attacker’s claim to have stolen the data of millions of users. D-Link noted that these outdated and fragmented records had been inactive for at least seven years. Most of such data consisted of little confidential and semi-public information, the manufacturer assures.

According to D-Link, the attacker deliberately faked the login timestamps to create the illusion of a recent data theft. The company assured that the incident is unlikely to affect most customers.

Related posts