D-Link Confirms Breach, Rebuts Hacker’s Claims About Scope

October 18, 2023 at 05:22PM

Taiwan-based network equipment vendor D-Link has confirmed a data breach but disputes the hacker’s claims about its severity. The investigation found that the stolen data is outdated and doesn’t contain personally identifiable or financial information. D-Link believes the breach occurred through a successful phishing attack on an employee and assures customers that they are unlikely to be affected. The incident follows a similar false claim involving the Signal messaging service. D-Link has implemented additional security measures and advises concerned customers to contact customer service.

Key Takeaways:

1. D-Link, a Taiwan-based network equipment vendor, confirmed being a victim of a data breach, but disputed the severity of the incident claimed by the hacker.
2. On BreachForums, the hacker known as “succumb” claimed to have breached D-Link’s internal network, accessing 3 million lines of customer information and source code for D-Link’s D-View network management software.
3. D-Link’s investigation, conducted with Trend Micro, revealed that the hacker’s claims were exaggerated. The stolen data was outdated and did not contain personally identifiable information or financial data.
4. The breach likely involved “archaic” registration data from a discontinued D-View system. Only around 700 records were accessed, not 3 million.
5. It is believed that the attacker gained access through a successful phishing attack on an employee.
6. D-Link has reviewed its access control mechanisms and will implement additional controls to mitigate similar threats. It believes current customers are unlikely to be affected, but advises contacting customer service for more information.
7. This incident follows another recent case where security measures had to be reviewed after an exaggerated breach claim. Signal, a secure messaging service, determined a viral rumor about a zero-day vulnerability was unfounded after a thorough investigation.
8. In response to the hacker’s claims, D-Link shut down relevant servers, blocked user accounts, and disconnected the test lab from the corporate network to prevent any further intrusion attempts.