Data breach in Ubiquiti affects thousands of customers; sensitive data exposed

Ubiquiti security teams have alerted their customers about a security incident that could expose a large amount of clients’ sensitive data. Ubiquiti is a leading network device manufacturing company, recognized primarily for its UniFi product family, a set of network devices, as well as a cloud computing platform.

The company has begun notifying its customers via email, further requesting that they reset their passwords and enable multi-factor authentication mechanisms: “We detect unauthorized access to some of our computer systems; for now we don’t have any signs of malicious activity related to user accounts,” the security alert mentions.

La imagen tiene un atributo ALT vacío; su nombre de archivo es ubiquiti1201202101.jpg

Although there is no evidence of illegitimate access, this is not a possibility ruled out by Ubiquiti: “We have no knowledge of the commitment of any of our databases, but we cannot confirm anything until the investigation is completed.” The company mentions that among the data that could be compromised are:

  • Full names
  • Encrypted passwords
  • Email addresses
  • Phone numbers
  • Home address, among other information

One factor that could have contributed to this incident is the fact that UniFi requires its users to create cloud accounts to manage on-premises computers; many users ignore and choose to manage everything locally. Ubiquiti also announced a widespread outage in its services that prevented users from managing devices correctly.

Ubiquiti has not confirmed whether this incident is linked to the data breach reported to its users. The company has received multiple requests for information from the cybersecurity community, although they have not spoken out.