XaiJu
dtns
dtns

patreon


Networking Equipment Maker Breached - ThreatWire

Added 2021-01-19 17:02:41 +0000 UTC

By Shannon Morse, ThreatWire 

Ubiquiti Networks sent out a notification last week warning customers about a security breach and telling folks to change their passwords and turn on 2 factor authentication. The email stated they became aware of unauthorized access to information technology systems hosted by a third party cloud provider. They have no indication that there has been any unauthorized access to accounts due to the access. 

The information stored on this server is data from account.ui.com which is a web portal users for Ubiquiti products. This domain allows users to manage their devices from remote locations but it also stores data such as user names, email addresses, and salted and hashed passwords, so any of that data could have been accessed along with some home addresses and phone numbers if a user added that info to the portal. Ubiquiti did not disclose how many users were impacted.

In order to enable 2FA on your Ubiquiti account, log in, click on Security, then you can change your password, set a session timeout time, and enable 2FA.

The disclosure is vague. There is no information about whether or not an investigation is ongoing to look into this breach, how many were affected, or what kind of third party server they were using to store this information. They also do not indicate why it was accessible in the first place or how they’re working to remediate the problem so it doesn’t occur in the future. All of which is important to know whenever a breach of data occurs.

Weekly security and privacy news, brought to you by Shannon Morse.

Watch this on youtube: https://youtu.be/W3MB9PdSpBM

Shop ThreatWire Merch Directly! - https://snubsie.com/shop

Shop ThreatWire Merch on Teespring! - https://teespring.com/stores/morsecode

Support ThreatWire!  https://www.patreon.com/threatwire

Ubiquiti Data Breach:

https://www.zdnet.com/article/ubiquiti-tells-customers-to-change-passwords-after-security-breach/

https://www.theverge.com/2021/1/11/22226061/ubiquiti-data-breach-email-third-party-unathorized-access

https://krebsonsecurity.com/2021/01/ubiquiti-change-your-password-enable-2fa/


More Creators

sledg3r

sledg3r

 patreon
Stassie

Stassie

 patreon
kyokwadesu

kyokwadesu

 patreon
venatusmaps

venatusmaps

 patreon
vegastarlight

vegastarlight

 patreon
mizarusketch

mizarusketch

 patreon
Your Horny World / AI art / BL novel

Your Horny World / AI art / BL novel

 patreon
anvtherlife

anvtherlife

 patreon
Azagwen

Azagwen

 gumroad
ailegend

ailegend

 patreon
DemensKippyAi

DemensKippyAi

 patreon
IosonoOtakuman

IosonoOtakuman

 patreon
pputonton

pputonton

 fanbox
Papadamn

Papadamn

 patreon
shion-omiya

shion-omiya

 fanbox
Quillu

Quillu

 patreon
pepoyo

pepoyo

 fanbox
サムライ忍者GREENTEA

サムライ忍者GREENTEA

 fanbox
DNA: ID

DNA: ID

patreon
HARU3

HARU3

 fanbox
蒼野アキラ

蒼野アキラ

 fanbox
Art by knux

Art by knux

 gumroad
SuperiX

SuperiX

 patreon
Josef Photography

Josef Photography

 patreon
UnderrocksArt

UnderrocksArt

 patreon
The Line

The Line

 patreon
image incorporated

image incorporated

 gumroad
dobrodel

dobrodel

 boosty
YOSHIKA⁂

YOSHIKA⁂

 fanbox
Truewolfy

Truewolfy

 patreon
TheChaosSpirit

TheChaosSpirit

 patreon
VNDRSCALE

VNDRSCALE

 gumroad
LeStarStudios

LeStarStudios

 patreon
さとと [satoto]

さとと [satoto]

 fanbox
Koko ₍^. .^₎⟆

Koko ₍^. .^₎⟆

 patreon
oakiyo

oakiyo

 patreon
ANGHELIKOL

ANGHELIKOL

 patreon
Jeremie Challenger

Jeremie Challenger

 patreon
Rusty's Assets

Rusty's Assets

 gumroad
Meridier

Meridier

 gumroad