BleepingComputer reports that Taiwanese multinational networking equipment provider D-Link has disclosed being impacted by a data breach stemming from the compromise of a test lab system running on end-of-life software following a successful phishing attack against an employee.
Such a confirmation comes after a trove of D-Link data, including the source code of its D-View network management software and millions of customer and employee records, was advertised for sale on BreachForums on Oct. 1.
"I have breached the internal network of D-Link in Taiwan, I have 3 million lines of customer information, as well as source code to D-View extracted from [the] system. This does include the information of MANY government officials in Taiwan, as well as the CEOs and employees of the company," said the hacker, who was seeking $500 for the stolen data.
However, D-Link refuted the threat actor's claims, saying that only about 700 records were present in the breached system.
"These records originated from a product registration system that reached its end of life in 2015. Furthermore, the majority of the data consisted of low-sensitivity and semi-public information," said D-Link.