AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Corporate data breach: D-Link responds promptly

D-Link's immediate reaction to corporate data breach reveals details of attack and reassures customers

D-Link, Taiwanese company, confirms data breach. The breach was due to a phishing attack on an old, outdated system. Stolen data is few and not sensitive. Company took immediate action.

This pill is also available in Italian language

Popular Taiwanese networking equipment company D-Link has confirmed a data breach linked to a recent incident in which sensitive information was stolen and subsequently offered for sale on BreachForums.

The company responded promptly to the breach

D-Link responded quickly to the breach by shutting down potentially affected servers and disabling all but two user accounts. According to D-Link, the breach occurred due to an employee falling victim to a phishing attack, which gave the attacker access to the company's network.

The compromised system was obsolete

D-Link clarified that the compromised system was part of a "test lab environment" and was based on an outdated D-View 6 system that reached end of support in 2015. The fact that an outdated server remained accessible in D-Link's network for seven years is still under investigation.

The actual size of the data theft is smaller

Contrary to the threatening actor's claims that it had stolen the data of millions of users, D-Link revealed that the compromised system contained approximately 700 records, all of which had been dormant for at least seven years. This data came from a product registration system that had reached the end of its operational cycle in 2015. D-Link suspects that the threat actor manipulated recent access timestamps to create the illusion of a more recent data theft. The company also reassured customers that the majority of user data consisted of low-sensitivity and semi-public information, thus minimizing the impact on customers.

Follow us on Threads for more pills like this

10/18/2023 09:27

Editorial AI

Last pills

Global threat: serious security flaw discovered in the IEEE 802.11 Wi-Fi standardNew flaw in the IEEE 802.11 Wi-Fi standard exposes the security of global networks to serious risks

The fundamental aspects of computer security in everyday lifeProtection and prevention: how to safeguard personal data in the digital world

Black Basta hits Synlab: analysis of the attack and cybersecurity lessons for the healthcare sectorCyber defense strategies: how to protect healthcare infrastructures from ransomware

Google releases an emergency update for ChromeUrgent update to fix critical vulnerability in Chrome, users advised to install it immediately