D-Link Confirms Breach, Rebuts Hacker's Claims About Scope
The router specialist says the attacker's claims to have heisted millions and millions of records are significantly overblown. But an incident did happen, stemming from a successful phish.
Stay updated on D-Link's latest information security news, insights, and updates with in-depth analysis and expert opinions.
Search across headline titles and summaries.
Background for this topic.
D-Link makes networking and connected devices such as home and small-business routers, access points, switches, cameras, and network-attached storage. These products matter in information security because they sit at network boundaries or hold sensitive traffic, video, and files. Security advisories usually apply to a particular model, hardware revision, and firmware version—not to every D-Link device.
Commonly relevant weaknesses include flaws in web administration, authentication bypass, command injection, and exposed management services. An internet-facing or end-of-life device may remain exploitable when updates are unavailable or unapplied, while cameras and storage systems can expose private content if access controls fail. Defenders should inventory exact models and firmware, apply applicable updates, replace unsupported equipment, restrict administration to trusted networks, disable unnecessary remote management and UPnP, and change default credentials. Logs and network telemetry can help identify suspicious administration or unexpected outbound connections from affected devices.
The router specialist says the attacker's claims to have heisted millions and millions of records are significantly overblown. But an incident did happen, stemming from a successful phish.
Who knew 3 million actually means 700 in cybercrime forum lingo? D-Link has confirmed suspicions that it was successfully targeted by cyber criminals, but is talking down the scale of the impact.…
Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is "low-sensitivity and semi-public information." "The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life as early as 2015," the company said
Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month. [...]