D-Link to boost security program to settle FTC complaint2019-07-04 14:58 by Daniela
Tags: D-Link, FTC
D-Link Systems, a popular manufacturer of routers, webcams, and other connected devices has agreed to implement a "comprehensive software security program" to settle Federal Trade Commission charges that the company exposed customer data to hackers while advertising top-of-the-line security measures.
In 2017, the FTC sued the D-Link for allegedly misrepresenting the security of its devices including internet routers and internet-connected cameras.
Specific shortcomings cited by the FTC included hard-coded login credentials on its D-Link camera software that used easily guessed passwords; storing mobile app login credentials in human-readable text on a user's mobile device expressly or implicitly describing its hardware as being secure from unauthorized access; repeatedly failing to take reasonable testing and remediation measures to protect hardware from well-known and easily preventable software security flaws.
"We sued D-Link over the security of its routers and IP cameras, and these security flaws risked exposing users' most sensitive personal information to prying eyes," Andrew Smith, Director of the FTC's Bureau of Consumer Protection, said in a statement. "Manufacturers and sellers of connected devices should be aware that the FTC will hold them to account for failures that expose user data to risk of compromise."
As part of the agreement, the company will take specific steps to make sure that its Internet-connected cameras and routers are secure. It will implement the following:
Read more -here-