Dear BlackCloak Client,
Ubiquiti, a provider of networking equipment and IoT devices, recently experienced a security breach impacting customer accounts. Some popular Ubiquiti product lines include the AmpliFi mesh networking devices as well as the UniFi wireless devices, routing devices and cameras.
What Happened?
Ubiquiti servers were accessed containing user profile details for customer accounts set up on the account.ui.com web portal. This portal is available to Ubiquiti customers after they have purchased a Ubiquiti product and can be used to manage devices remotely and access help and support resources.
What Information Was Involved?
Names, email addresses, and passwords were accessed. If customers had filled out user profiles in the web portal with their home addresses and phone numbers, those could have been accessed as well.
What Should You Do?
While Ubiquiti has not detected any unauthorized access to customer accounts, the company has started notifying customers (see image below) to:
- reset passwords and
- enable dual factor authentication on their accounts (if not done so already)
If you own any Ubiquiti products, we recommend you follow Ubiquiti's guidance.
