AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Corporate data breach: D-Link responds promptly

D-Link's immediate reaction to corporate data breach reveals details of attack and reassures customers

D-Link, Taiwanese company, confirms data breach. The breach was due to a phishing attack on an old, outdated system. Stolen data is few and not sensitive. Company took immediate action.

This pill is also available in Italian language

Popular Taiwanese networking equipment company D-Link has confirmed a data breach linked to a recent incident in which sensitive information was stolen and subsequently offered for sale on BreachForums.

The company responded promptly to the breach

D-Link responded quickly to the breach by shutting down potentially affected servers and disabling all but two user accounts. According to D-Link, the breach occurred due to an employee falling victim to a phishing attack, which gave the attacker access to the company's network.

The compromised system was obsolete

D-Link clarified that the compromised system was part of a "test lab environment" and was based on an outdated D-View 6 system that reached end of support in 2015. The fact that an outdated server remained accessible in D-Link's network for seven years is still under investigation.

The actual size of the data theft is smaller

Contrary to the threatening actor's claims that it had stolen the data of millions of users, D-Link revealed that the compromised system contained approximately 700 records, all of which had been dormant for at least seven years. This data came from a product registration system that had reached the end of its operational cycle in 2015. D-Link suspects that the threat actor manipulated recent access timestamps to create the illusion of a more recent data theft. The company also reassured customers that the majority of user data consisted of low-sensitivity and semi-public information, thus minimizing the impact on customers.

Follow us on Telegram for more pills like this

10/18/2023 09:27

Marco Verro

Last pills

Zero-day threat on Android devices: Samsung prepares a crucial updateFind out how Samsung is addressing critical Android vulnerabilities and protecting Galaxy devices from cyber threats

CrowdStrike: how a security update crippled the tech worldGlobal impact of a security update on banking, transportation and cloud services: what happened and how the crisis is being addressed

Checkmate the criminal networks: the Interpol operation that reveals the invisibleFind out how Operation Interpol exposed digital fraudsters and traffickers through extraordinary global collaboration, seizing luxury goods and false documents

Google Cloud security predictions for 2024: how AI will reshape the cybersecurity landscapeFind out how AI will transform cybersecurity and address geopolitical threats in 2024 according to Google Cloud report