October 18, 2023 at 10:53AM
D-Link has confirmed being targeted by cyber criminals but downplayed the impact. Only around 700 stolen records were determined, contradicting the claim of 3 million in a hacking forum post. The data came from an old D-View 6 system in a test lab environment and included low-sensitive information. D-Link is conducting regular audits of outdated data and taking measures to enhance security. The allegations about stolen data concerning Taiwan government officials and D-Link staff were not addressed.
Key takeaways from the meeting notes are as follows:
1. D-Link has confirmed that it was targeted by cyber criminals. However, they downplayed the scale of the impact.
2. On October 1, a data breach was reported on a hacking forum where customer information and D-View source code were being sold for a $500 fee.
3. D-Link became aware of the incident on October 2 and conducted investigations in collaboration with Trend Micro. They determined that around 700 records were stolen, contradicting the previously advertised total.
4. D-Link stated that the data was not stolen from the cloud and originated from a test lab environment of an old D-View 6 system through a phishing attack on an employee.
5. The stolen data did not contain user IDs or financial information. However, low-sensitivity and semi-public information like contact names and office email addresses were compromised.
6. D-Link suspects that some of the data in the leak was manipulated to appear more recent than it actually was.
7. The allegations made by the cybercriminals regarding details on Taiwan government officials and D-Link staff were not addressed in D-Link’s disclosure.
8. D-Link has not responded to The Register’s request for clarification regarding these allegations.
9. The majority of D-Link’s current users are believed to be unaffected by the breach.
10. D-Link took immediate action after becoming aware of the breach, shutting down affected servers, blocking accounts, and taking the test lab offline.
11. D-Link plans to conduct regular audits of outdated data and delete it where necessary to prevent similar incidents.
12. The company regrets the occurrence and is dedicated to addressing the incident and improving the security of its operations. They have terminated the services of the test lab and reviewed access control measures.