D-Link Suffers Data Breach from a Phishing Attack

Why is people security the biggest concern for organizations these days? Recently, D-Link, a company that makes network gear, suffered a major #security problem. Some important company information was taken in a sneaky way called a phishing attack, where two employees got tricked. D-Link says the stolen data isn't very useful for bad actors. Still, this incident shows that even big companies are always dealing with cyber threats.

D-Link is trying to fix the problem by turning off the servers that were breached and stopping the accounts that were compromised. This makes us think more about how strong our online security is and how #cybercriminals keep finding new ways to cause trouble. Let’s find out about the attack in detail and how people security should be driven in organizations.

Employees - Biggest Loophole in Cybersecurity

The cybercriminals carried out extensive #phishing attack campaigns on D-Link, which led to the compromise of the security system. The security breach itself is a testimony to human vulnerabilities that have accounted for the majority of the security breaches across the globe. According to the 2022 Data Breach Investigations Report (#DBIR), the human factor, which includes social attacks, errors, and misuse, was implicated in 82% of the reported breaches.

The prominent reason for humans being the biggest loophole in #cybersecurity is unawareness and poor training on cyber threats. The organizations should focus around developing a cybersecurity strategy that is highly driven by people security management. The notion of people security primarily involves assessing employee’s vulnerability and training them comprehensive cybersecurity awareness. Let’s check out what happened with D-Link..

Step-By-Step Breakdown of the Data Breach

1. Hackers initiated a phishing campaign against the employees of D-Link.
2. The phishing email contained a luring message to entice them into revealing sensitive information.

1. Two of the employees in the company revealed the access credentials to their internal system’s network.
2. Hackers accessed the confidential data of employees and customers through the compromised network.
3. The exposed data included the names, physical addresses, phone numbers, email addresses, and login details of users.
4. The hacker displayed data from 45 records over the dark web of the timestamp between 2012 and 2013.

Check Out About a Similar Attack- Coinbase Data Breach: The Role of Employee Unawareness

Hacker Boasting About Compromised Data on Dark Web

Threat actor surfaced on a dark web forum earlier in October, disclosing a breach in D-Link's internal network based in Taiwan. The attacker asserted having acquired valuable assets such as product source codes and a substantial amount of identity information, including that of customers, employees, and even the CEO. 

The claim, suggesting access to three million lines of customer data and the extraction of D-View source code, has raised serious alarms in the cybersecurity community. Of significant concern is the alleged access to sensitive details belonging to various government officials in Taiwan, as well as key figures within D-Link. This occurrence prompts a careful examination of existing cybersecurity measures, emphasizing the need for enhanced defenses against increasingly sophisticated threats.

According to the sources, the attacker stole some 700 records, and not millions, as they’re claiming. The data that was stolen includes people’s names, emails, addresses, phone numbers, account registration dates, and the users’ last sign-in dates. However, the majority of the data consisted of low-sensitivity and semi-public information.

The attacker is asking for $500 for the database and has offered a handful of samples. However, the samples seem to be from a decade ago, something other forum members were quick to spot. As D-Link further explained, the attacker stole the data from a “test lab environment”, an outdated server that reached end-of-life in 2015.

Check Out More: Threatcop: Pioneer in People Security Management

People Security - Strongest Defense in the Organizations

An article by Thales stated that among organizations that experienced a data breach in the last 12 months, 55% of respondents pinpointed misconfiguration or human error as the leading cause. Fostering a culture of security is integral to an organization's defense strategy. When employees understand the pivotal role they play in maintaining security, they become more invested in the collective effort to thwart potential threats. 

Creating an environment where reporting incidents is encouraged and viewed as a positive contribution further strengthens this security culture. As we navigate the complexities of modern cybersecurity threats, Threatcop stands as a beacon for organizations seeking comprehensive solutions. Specializing in human-centric security, Threatcop offers tailored education and training programs, phishing awareness initiatives, and cutting-edge technologies for continuous monitoring.

Get Your Hands on People Security Guide

On the account of October Cybersecurity Awareness Month, Threatcop conducted a collaborative research and marketing campaign with Ofofo to gather insights and learnings from industry's prominent security leaders. The guide is a testament to existence of biggest loophole in cybersecurity, that is humans. At the same time, leaders also shared and emphasized upon the notion of people security and how organizations can incorporate people security management in their organization. You can order your FREE copy from the link below-

People Security Guide

Check Out More Insights and Articles

• Decoding the SmugX Phishing Campaign in Cyberwarfare
• Microsoft Teams Attacks: Hackers Pose as Tech Support