Ubiquiti’s Data Breach Incident May Be a Lot More Catastrophic Than We Thought
Last updated September 17, 2021
Ubiquiti is sending notices of a data breach to its customers, as they recently became aware of unauthorized access to the systems of a third-party cloud provider who is doing business with them. Unfortunately for the clients, their account information may have been accessed by someone, although the announcement mentions that there’s no indication of that having happened. Still, recipients are urged to reset their passwords and enable two-factor authentication.
Ubiquiti is an American tech company that makes networking equipment, wireless data communication products, security cameras, video recorders, etc. Some of the brands belonging to Ubiquiti are UniFi, EdgeMax, AirMax, AirFiber, and UFiber.
We don’t know if the incident covers them all, so we would advise you to keep an eye on your inbox and also check your spam folder in case you have something from the vendor in there. Those who are individually alerted should take immediate action.
Now, the company says that the passwords were hashed and salted, so they should be very hard to decrypt. However, other information like names, email addresses, home addresses, and phone numbers weren’t encrypted and may have been accessed. So, while the accounts may be safe no matter what, the data breach incident will have a long-lasting effect on the exposed customers.
This has sparked a wave of complaints from the community. Users are asking Ubiquiti to consider allowing them to set up their accounts without connecting to the cloud and entering sensitive details there. Surely, the vendor could maintain that convenience optional for those who need it, but many see the mandatory cloud integration as an unnecessary risk.
Krebs has put up some detailed instructions on how to change your password, set a session timeout value, and how to enable 2FA, so if you need that, check it out. Although the investigative journalist has tried to figure out who the third-party cloud provider is and what is the exact nature of the security incident, so far, nothing has been leaked or discovered on that front.