The Federal Trade Commission is taking D-Link to court, accusing the company of poor security practices for its routers, web cameras, baby monitors and other products.
The lawsuit (PDF), filed in San Francisco’s district court, argues that D-Link failed to meet security standards from 2007, leaving widespread vulnerabilities open to hackers.
The commission alleges that D-Link coded easy to crack login credentials into its camera software, enabling hackers to easily spy on the company’s customers.
The FTC also accuses D-Link of failing to encrypt passwords on its mobile app, instead leaving the codes in plain text on devices for anyone nearby to read. D-Link also failed to address a “command injection” software flaw, which would let hackers hijack routers from remote locations, according to the FTC.