Connect with us

Hi, what are you looking for?


Data Breaches

D-Link Says Hacker Exaggerated Data Breach Claims

Hacker claims to have breached D-Link’s network in Taiwan and is offering to sell stolen data, but the company says the claims are exaggerated.

D-Link hacked

D-Link has launched an investigation after a hacker offered to sell information allegedly stolen from one of its networks and has determined that the claims are exaggerated.

On October 1, a user of the new BreachForums cybercrime website claimed they had breached the internal network of D-Link in Taiwan, which gave them access to a database storing the information of 3 million customers, as well as source code for the D-View network monitoring product. 

The hacker claimed to have stolen 1.2 Gb of data, including names, email addresses, postal addresses, phone numbers, and the time and date of the last login, and offered to sell the files for $500. 

“This does include the information of MANY government officials in Taiwan, as well as the CEOs and employees of the company,” said the seller, who also made available a small sample to demonstrate their claims. 

D-Link said it learned of the hacker forum post on October 2 and hired Trend Micro to assist with its investigation. The probe has been completed and the networking equipment maker has confirmed suffering a data breach, but described the hacker’s claims as inaccurate, exaggerated and misleading. 

“The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life as early as 2015. The data was used for registration purposes back then. So far, no evidence suggests the archaic data contained any user IDs or financial information. However, some low-sensitivity and semi-public information, such as contact names or office email addresses, were indicated,” the company explained. 

D-Link said the attacker gained access to its systems after an employee fell victim to a phishing attack. However, it believes impact is limited — its operations are not affected and neither are customers. 

The company pointed out several exaggerations and inaccuracies in the hacker’s post. D-Link claims that only 700 records were actually compromised, not 3 million, and noted that the hacker may have altered the login timestamps to make the data look more recent than it actually is. 

Advertisement. Scroll to continue reading.

Related: TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant

Related: Lost and Stolen Devices: A Gateway to Data Breaches and Leaks

Related: IBM Discloses Data Breach Impacting Janssen Healthcare Platform

Related: 500k Impacted by Data Breach at Fashion Retailer Forever 21

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Data Breaches

AT&T is notifying millions of wireless customers that their CPNI was compromised in a data breach at a third-party vendor.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.