Ubiquiti advises consumers to update their passwords following a security breach.
Logins and passwords were accessed in an unexplained data leak of UI.com accounts.
Ubiquiti Networks, a renown IoT device and networking equipment vendor, has sent out warning emails to its customers telling them of a security violation.
In the email message, the company informs that they have recently become aware of unauthorized access to some of Ubiquiti’s information technology systems hosted by a third-party cloud provider.
The compromised servers contained data related to user profiles for account.ui.com, a Ubiquiti web portal available to customers who have bought company products..
The web portal that was compromised is primarily used to provide remote device control and customer support.
According to Ubiquiti, the attacker has managed to reach servers that store details related to user accounts on UI.com, such as names, email addresses, and passwords. It is not excluded that home addresses and phone numbers of the users may also have been compromised, in case that this information has been configured by the users into the portal.
The number of Ubiquiti users who got hit by the data breach is still not clear. It also remains a mystery of how exactly the incident occurred. From the existing details, it is unclear whether the “unauthorized access” took place when a security researcher detected the leaked data or if it was an attack caused by a malicious threat actor.
By the time of publication of this article, there has been no clarification on the case by a Ubiquiti representative. However, given the concerns of its users, Ubiquiti stated it had not received any reports for attempts of user account hacking as a consequence of the data incident.
The organization has already requested all its customers to change their passwords and set up two-factor authentication for their accounts.
Initially, people who received the warning emails considered them as phishing attempts. However, Ubiquiti confirmed that the warning emails were authentic in a publication on the company’s forums.
Various customers shared the warning email on social media and here is a copy of it.