The FTC has added D-Link Corporation to the growing list of companies that are being scrutinized because of their lack of security. IoT devices have been long known to be less than in the security department, subjecting their users to possible hacks and theft of personal information.
The FTC alleges that D-Link Corporation failed to develop their consumer devices with reasonable security measures, exposing users to “widely known and reasonably foreseeable risks of unauthorized access.” The FTC points out that the security features of several devices that D-Link Corporation sold were misrepresented by the company. D-Link conveyed that their devices were “Easy to Secure” and had “Advanced Network Security”, but in reality this wasn’t the case.
The FTC alleges that D-Link put consumers privacy at risk by not taking appropriate actions, “to address well-known and easily preventable security flaws.” Some of these flaws included were “ranked among the most critical and widespread web application vulnerabilities since at least 2007” by the Open Web Application Security Project.
D-Link Corporation claims no wrong-doing, and has promised to “vigorously defend the action.”