October 17, 2023 at 02:55PM
Networking equipment manufacturer D-Link confirmed a data breach in which customer and employee information, including the CEO’s details, were stolen and put up for sale. The attacker claims to have also taken source code for D-Link’s software. The company shut down affected servers, disabled user accounts, and clarified that only around 700 outdated records were compromised, contrary to the attacker’s claim of millions. D-Link suspects tampering of login timestamps. Most existing customers are not expected to be affected.
Key Takeaways from Meeting Notes:
1. D-Link, a Taiwanese networking equipment manufacturer, confirmed a data breach that occurred earlier this month.
2. The breach involved stolen information, including source code for D-Link’s D-View network management software and personal details of customers and employees, including the CEO.
3. The stolen data includes names, emails, addresses, phone numbers, account registration dates, and last sign-in dates.
4. The threat actor claims to have 3 million lines of customer information and access to the internal network of D-Link, including government officials’ information.
5. The stolen data has been available for purchase on a hacking forum since October 1st, with a price tag of $500.
6. D-Link attributes the breach to an employee falling victim to a phishing attack, granting the attacker access to the company’s network.
7. D-Link took immediate action by shutting down affected servers and disabling user accounts.
8. The compromised system contained roughly 700 outdated and inactive records, contrary to the attacker’s claim of millions of stolen data.
9. D-Link suspects the threat actor manipulated login timestamps to make the data theft appear more recent.
10. The company believes that most of its existing customers are unlikely to be impacted by this incident.