D-Link has launched an investigation after a hacker offered to sell information allegedly stolen from one of its networks and has determined that the claims are exaggerated.
On October 1, a user of the new BreachForums cybercrime website claimed they had breached the internal network of D-Link in Taiwan, which gave them access to a database storing the information of 3 million customers, as well as source code for the D-View network monitoring product.
The hacker claimed to have stolen 1.2 Gb of data, including names, email addresses, postal addresses, phone numbers, and the time and date of the last login, and offered to sell the files for $500.
“This does include the information of MANY government officials in Taiwan, as well as the CEOs and employees of the company,” said the seller, who also made available a small sample to demonstrate their claims.
D-Link said it learned of the hacker forum post on October 2 and hired Trend Micro to assist with its investigation. The probe has been completed and the networking equipment maker has confirmed suffering a data breach, but described the hacker’s claims as inaccurate, exaggerated and misleading.
“The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life as early as 2015. The data was used for registration purposes back then. So far, no evidence suggests the archaic data contained any user IDs or financial information. However, some low-sensitivity and semi-public information, such as contact names or office email addresses, were indicated,” the company explained.
D-Link said the attacker gained access to its systems after an employee fell victim to a phishing attack. However, it believes impact is limited — its operations are not affected and neither are customers.
The company pointed out several exaggerations and inaccuracies in the hacker’s post. D-Link claims that only 700 records were actually compromised, not 3 million, and noted that the hacker may have altered the login timestamps to make the data look more recent than it actually is.