Awesome!
Yesterday I received an email that the American company Ubiquiti has been hacked. Ubiquiti is i.a. one of the world's largest manufacturers of base devices for WiFi communication. The email contains relatively little information because the company states that they do not know the extent yet.
Although it has been a long time since I myself used Ubiquiti's cloud service, I assume that it is entirely possible to gain access to the local network via Ubiquiti's central service, hence this is extra serious. I can also imagine that DNS can be reconfigured, firmware can be changed, etc.
What appears in the email is that the username, hashed password, address and telephone number may have been leaked. It also appears that this is a third-party supplier where the leak must have taken place.
The mailing has also been confirmed by Ubiquiti themselves, see forum thread here (via the Security Bubble). The mailing went via Mailchimp and used i.a. tracking links, which made it initially difficult to determine the authenticity of the email.
Â
Recommended Comments
Create an account or sign in to comment