D-Link has revealed that it was the victim of a data breach but dismissed the seeming perpetrator’s claims about the severity of the incident as inaccurate and exaggerated.
Earlier this month, an individual goes by the name “succumb” claimed on the BreachForums about having breached the internal network of D-Link in Taiwan. The individual claimed to have exfiltrated some 3 million lines of customer information and source code pertaining to D-Link’s D-View network management software.
The stolen data includes includes names, emails and physical addresses, phone numbers, and company information on D-Link’s customers.
According to D-Link, an investigation of the incident that it conducted with its internal team and with experts showed that while a breach happened, it was nowhere near the scale the hacker portrayed on BreachForums.
D-Link said the data that the hacker obtained was outdated and did not contain any PII or financial data. The number of records that the attacker appeared to have accessed was also just 700 and not remotely near the 3 million records the hacker claimed.
Available evidence suggests that the intruder most likely exfiltrated “archaic” registration related data from a D-View system that reached end of life in 2015, D-Link claimed.
None of the records that the hacker obtained appear to be currently active. “However, some low-sensitivity and semi-public information, such as contact names or office email addresses, were indicated,” D-Link said.
D-Link said it believes the attacker gained access to the “long-unused and outdated data” via a successful phishing attack on one of its employees.”
D-Link noted that it has reviewed its access control mechanisms and will implement additional controls as necessary to mitigate against similar threats. D-Link believes current customers are unlikely to be affected by this incident.