Unauthorised access to the Ubiquiti IT infrastructure

The company Ubiquiti, dedicated to the sale of network equipment and IoT devices, has informed its customers, through an email, of an unauthorized access to some of its IT systems hosted by an external cloud provider, last Monday, 11th of January.

The company has assured that no database, which stores user account information, has been compromised, although it could not assure that this information could not be exposed. Among the data that may have been affected are names, email addresses, one-way encrypted passwords, physical addresses and telephone numbers.

As countermeasures, Ubiquiti recommends that users change their password and enable two-factor authentication for their accounts.

[Update 31/03/2021]

An anonymous participant in the response to the security incident, nicknamed 'Adam', has complained that the fact that Ubiquiti has found no evidence of access to customer information, because it does not have a record of database logs, does not mean that access did not occur.

Ubiquiti for its part has reiterated that the results of the investigation are correct, as forensic experts found no evidence of access to the data, the cybercriminal claimed not to have done so, and other evidence does not prove otherwise.