Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

[Article] Ubiquiti hacked - the extent of the breach is still unclear


Kryptera.se
 Share

Recommended Posts

Yesterday I received an email that the American company Ubiquiti has been hacked. Ubiquiti is i.a. one of the world's largest manufacturers of base devices for WiFi communication. The email contains relatively little information because the company states that they do not know the extent yet.

Although it has been a long time since I myself used Ubiquiti's cloud service, I assume that it is entirely possible to gain access to the local network via Ubiquiti's central service, hence this is extra serious. I can also imagine that DNS can be reconfigured, firmware can be changed, etc.

What appears in the email is that the username, hashed password, address and telephone number may have been leaked. It also appears that this is a third-party supplier where the leak must have taken place.

The mailing has also been confirmed by Ubiquiti themselves, see forum thread here (via the Security Bubble). The mailing went via Mailchimp and used i.a. tracking links, which made it initially difficult to determine the authenticity of the email.

 

IMG_0171-859x1536.png


View full blog article

Link to comment
Share on other sites

  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Similar Content

    • By Kryptera.se
      Yesterday I received an email that the American company Ubiquiti has been hacked. Ubiquiti is i.a. one of the world's largest manufacturers of base devices for WiFi communication. The email contains relatively little information because the company states that they do not know the extent yet.
      Although it has been a long time since I myself used Ubiquiti's cloud service, I assume that it is entirely possible to gain access to the local network via Ubiquiti's central service, hence this is extra serious. I can also imagine that DNS can be reconfigured, firmware can be changed, etc.
      What appears in the email is that the username, hashed password, address and telephone number may have been leaked. It also appears that this is a third-party supplier where the leak must have taken place.
      The mailing has also been confirmed by Ubiquiti themselves, see forum thread here (via the Security Bubble). The mailing went via Mailchimp and used i.a. tracking links, which made it initially difficult to determine the authenticity of the email.
       


×
×
  • Create New...