DLink confirms data breach after employee phishing attack

pMortgage giant Mr Cooper says customer data exposed in breachppCISA warns of actively exploited Juniper preauth RCE exploit chainppLockBit ransomware leaks gigabytes of Boeing datappFBI Royal ransomware asked 350 victims to pay 275 millionppMeet the Unique New Hacking Group AlphaLockppSave 112 on a lifetime subscription to AdGuards ad blockerppEthereum feature abused to steal 60 million from 99K victimsppFBI Royal ransomware asked 350 victims to pay 275 millionppQualys BrowserCheckppSTOPDecrypterppAuroraDecrypterppFilesLockerDecrypterppAdwCleanerppComboFixppRKillppJunkware Removal ToolppBest VPNsppHow to change IP addressppAccess the dark web safelyppBest VPN for YouTubeppRemove the Theonlinesearchcom Search RedirectppRemove the Smartwebfindercom Search RedirectppHow to remove the PBlock adware browser extensionppRemove the Toksearchesxyz Search RedirectppRemove Security Tool and SecurityTool Uninstall GuideppHow to Remove WinFixer Virtumonde Msevents TrojanvundoppHow to remove Antivirus 2009 Uninstall InstructionsppHow to remove Google Redirects or the TDSS TDL3 or Alureon rootkit using TDSSKillerppLocky Ransomware Information Help Guide and FAQppCryptoLocker Ransomware Information Guide and FAQppCryptorBit and HowDecrypt Information Guide and FAQppCryptoDefense and HowDecrypt Ransomware Information Guide and FAQppHow to enable Kernelmode Hardwareenforced Stack Protection in Windows 11ppHow to use the Windows Registry EditorppHow to backup and restore the Windows RegistryppHow to open a Windows 11 Command Prompt as AdministratorppHow to start Windows in Safe ModeppHow to remove a Trojan Virus Worm or other MalwareppHow to show hidden files in Windows 7ppHow to see hidden files in WindowsppeLearningppIT Certification CoursesppGear GadgetsppSecurityppppTaiwanese networking equipment manufacturer DLink confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this monthppThe attacker claims to have stolen source code for DLinks DView network management software along with millions of entries containing personal information of customers and employees including details on the companys CEOppThe stolen data allegedly includes names emails addresses phone numbers account registration dates and the users last signin datesppThe threat actor provided samples of 45 stolen records with timestamps between 2012 and 2013 which prompted another participant in the thread to comment on the fact that the data looked very oldppI have breached the internal network of DLink in Taiwan I have 3 million lines of customer information as well as source code to DView extracted from system the attacker saidppThis does include the information of MANY government officials in Taiwan as well as the CEOs and employees of the companyppThe data has been available for purchase on the hacking forum since October 1st with the threat actor demanding 500 for the stolen customer information and the alleged DView source codeppDLink said the security breach occurred due to an employee falling victim to a phishing attack granting the attacker access to the companys networkppIn response to the breach the company immediately shut down potentially impacted servers and disabled all but two user accounts used during the investigationppWhile it confirmed the breach DLink specified that the intruder accessed a product registration system within what it described as a test lab environment operating on an outdated DView 6 system that reached the end of life in 2015ppThe reason why an endoflife server was still operational on DLinks network potentially remaining exposed to Internet access for seven years remains unclearppContrary to the attackers claim of stealing millions of users data DLink said the compromised system contained roughly 700 records with info on accounts that have been for at least seven yearsppBased on the investigations however it only contained approximately 700 outdated and fragmented records that had been inactive for at least seven years DLink saidppThese records originated from a product registration system that reached its end of life in 2015 Furthermore the majority of the data consisted of lowsensitivity and semipublic informationppDLink also suspects the threat actor deliberately tampered with the recent login timestamps to create the illusion of a more recent data theft Additionally the company stated that most of its existing customers are unlikely to be impacted by this incidentppMarina Bay Sands discloses data breach impacting 665000 customersppCasio discloses data breach impacting customers in 149 countriesppLyca Mobile investigates customer data leak after cyberattackppCrypto firm Nansen asks users to reset passwords after vendor breachppPizza Hut Australia warns 193000 customers of a data breachppNot a member yet Register NowppIranian hackers launch malware attacks on Israels tech sectorppLockBit ransomware leaks gigabytes of Boeing datappTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2023 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp