Ubiquiti Customer Data Breach. Ubiquiti’s success in the market makes it a tempting target for hackers. Ubiquiti is a major player in the network device market, best known for its UniFi line of networking products, paired with a cloud-based management platform.
Recently, Ubiquiti has begun notifying customers of a data breach and sending out instructions to change passwords on the Ubiquiti system and enable 2-factor authentication to provide an added layer of security.
The notification Ubiquiti emailed out Customer Data Breach,
“We recently became aware of unauthorized access to our Customer Data information technology systems hosted by a third party cloud provider. There is no indication that there was activity authorization with respect to any user’s account.
We are not currently aware of evidence of access to any customer data bases that host user data, but we cannot be certain that user data exposure. This data may include your name, email address, and the one-way password encryption to your account (in technical terms, the password is hash and salt). The data may also include your address and phone number if you have provided that to us.”
The Customer Data Breach is still under investigation, and new findings may change the evolving situation. However, as outlined above, there doesn’t appear to be any risk to proprietary customer data, which is a very good thing. The instructions regarding changing passwords and enabling 2FA were with the notification “out of an abundance of caution.”
This is a good, proactive response to a customer data breach, and one other business around the world should seek to emulate if or when they fall victim to some hacking attack that sees their network breached. While we’re sorry to see any hacking effort succeed, kudos to Ubiquiti for their response to the customer data breach.