D-Link Says It Will 'Vigorously Defend Itself' Against FTC Over Alleged Insecure Devices
D-Link is pushing back against an FTC complaint that the company's wireless routers and internet cameras were vulnerable to hackers, putting privacy at risk. In a Thursday news release, D-Link Chief Information Security Officer William Brown called the complaint "unwarranted" and said the company "will vigorously defend the security and integrity of our routers and IP cameras." In a Q&A on its website, the company said it has "a robust range of procedures to address potential security issues" in IoT devices. The company said "the complaint does not allege any breach of a D-Link Systems device. Instead, the FTC speculates that consumers were placed 'at risk' to be hacked, but fails to allege, as it must, that actual consumers suffered or are likely to suffer actual substantial injuries." The FTC voted 2-1 -- with Commissioner Maureen Ohlhausen voting no -- to file the complaint with the U.S. District Court for the Northern District of California, said an agency news release. The FTC said the California-based subsidiary of D-Link, which is headquartered in Taiwan, "failed to take steps to address well-known and easily preventable security flaws," including: "hard-coded" login credentials; a software flaw called "command injection" that could be exploited by hackers; "mishandling" a private key code; and leaving user logins unsecured on mobile devices. An FTC spokesman said Friday that Ohlhausen didn't provide further comment on her no vote.