Ubiquiti, one of the biggest sellers of networking gear, including routers, webcams and mesh networks, has alerted its customers to a data breach. According to Ubiquiti, the intruder accessed servers that stored data on UI.com users, such as names, email addresses, and salted and hashed passwords. The number of Ubiquiti users impacted and how the data breach occurred remains a mystery. It is also not clear yet if the “unauthorized access” took place when a security researcher found the exposed data or if it was due to a malicious threat actor.
Ubiquiti send its users an e-mail informing them of the breach however several customers complained that the email included typos and questioned its authenticity. The networking company quickly followed its email with a post on its community pages confirming that the email was authentic.
“Dear Customer,
We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that there has been unauthorized activity with respect to any user’s account.
We are not currently aware of evidence of access to any databases that host user data, but we cannot be certain that user data has not been exposed. This data may include your name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted). The data may also include your address and phone number if you have provided that to us.
As a precaution, we encourage you to change your password. We recommend that you also change your password on any website where you use the same user ID or password. Finally, we recommend that you enable two-factor authentication on your Ubiquiti accounts if you have not already done so. Change PasswordEnable Two-Factor Authentication We apologize for, and deeply regret, any inconvenience this may cause you. We take the security of your information very seriously and appreciate your continued trust.
Thank you,
Ubiquiti Team”