Ubiquiti Networks has warned customers to change their passwords after their security system has been compromised by a hacker.
In an email to a customer, network equipment and Internet of Things (IoT) device vendors have noticed unauthorized access to systems hosted by third-party cloud providers.
“We are currently not aware of any evidence of access to the database that hosts the user data, but we cannot be sure that the user data has not been published,” the email said.
Ubiquiti added that the name, email address, and one-way encrypted password (hashed and salted) to the customer’s account may have been exposed. The data may also include the customer’s address and phone number if the customer provided it to the vendor.
Users with Ubiquiti accounts can remotely access and manage routers and devices from the web using the vendor portal account.ui.com.
Vendors were also forced to emphasize on community bulletin boards that the email was genuine and not a phishing attempt after the customer complained of “inappropriate wording” of the email.
“We apologize for any inconvenience, but we deeply apologize,” added the bulletin board post. “We take the security of your information very seriously and thank you for your continued trust.”
Ubiquiti is just one of the vendors that have been hit by the hacking incidents that have been in the spotlight in recent weeks, such as FireEye and SolarWinds. This vendor was also one of several vendors targeted by the Global VPNFilter Malware Campaign in 2018.
Join the newsletter!
Error: Please check your email address.
Tag cyber attack IoT Ubquiti
Ubiquiti warns customers after data breaches
Source link Ubiquiti warns customers after data breaches