Ubiquti, a maker of networking equipment and IoT devices, has notified its customers of a recent security breach.
In an email to customers that was posted on company forums, the company said it recently became aware of unauthorized access to some IT systems hosted by an undisclosed third-party cloud provider.
The company, a large provider of cloud-enabled devices like routers, network video recorders, cameras and access control systems, said there is no indication that unauthorized users accessed any user’s account.
Further, the company said it isn’t aware of evidence that the attacker has accessed databases that hose user data, but the company stopped short of confirming that this data wasn’t exposed.
“This data may include your name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted),” the company said.
“The data may also include your address and phone number if you have provided that to us.”
Read Next: IBM Study: Average Cost of Data Breach $3.86M
As a precaution, the company is urging users to change their password for UI.com and on any other websites where the same password user ID or password are used.
Users are also urged to enable two-factor authentication on Ubiquti accounts.
“We apologize for, and deeply regret, any inconvenience this may cause you,” the email says. “We take the security of your information very seriously and appreciate your continued trust.”
Here’s the full message:
We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that there has been unauthorized activity with respect to any user’s account.
We are not currently aware of evidence of access to any databases that host user data, but we cannot be certain that user data has not been exposed. This data may include your name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted). The data may also include your address and phone number if you have provided that to us.
As a precaution, we encourage you to change your password. We recommend that you also change your password on any website where you use the same user ID or password. Finally, we recommend that you enable two-factor authentication on your Ubiquiti accounts if you have not already done so.
We apologize for, and deeply regret, any inconvenience this may cause you. We take the security of your information very seriously and appreciate your continued trust.
Thank you,
Ubiquiti Team
Leave a Reply