Ubiquiti tells customers to change passwords after security breach

[bman212121]

Networking equipment and IoT device vendor Ubiquiti Networks has sent out today notification emails to its customers informing them of a recent security breach.

"We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider," Ubiquiti said in emails today.

The servers stored information pertaining to user profiles for account.ui.com, a web portal that Ubiquiti makes available to customers who bought one of its products.

The site is used to manage devices from a remote location and as a help and support portal.

According to Ubiquiti, the intruder accessed servers that stored data on UI.com users, such as names, email addresses, and salted and hashed passwords.

Home addresses and phone numbers may have also been exposed, but only if users decided to configure this information into the portal.

https://www.zdnet.com/article/ubiquiti-tells-customers-to-change-passwords-after-security-breach/


Change your passwords if you have an account or bought stuff directly from them.

 

[carlbme]

Yup, went and changed my password and enabled 2FA.

Always something. *sigh*