Well-known network provider, according to the whistleblower, was hit by a “catastrophic” incident
The network equipment supplier Ubiquiti is apparently blackmailed and accused by a whistleblower of covering a potentially massive data leak. These are the most important questions and answers.
How bad was an incident that the American manufacturer Ubiquiti informed its customers via email on January 11, 2021? The Edge summarized the latest worrying findings on Thursday night. Ubiquiti is accused by a whistleblower of covering up a “catastrophic” security breach – and after 24 hours of silence, the company has now released a statement saying none of the whistleblower’s allegations would be disputed.
Why is that important?
Ubiquiti has an excellent reputation, notes The Verge. The routers and other network devices that are also sold in Switzerland belong to the prosumer class. The company name has become synonymous with high security standards and user-friendly administration.
Originally, Ubiquiti had informed its customers on January 11 about a supposedly small security hole in a “third-party cloud provider”, but the famous cybersecurity website KrebsOnSecurity announced on March 30 that the security hole was actually much worse than Ubiquiti wanted to admit.
A company spokesman who spoke with Brian Krebs claims that Ubiquiti itself was hacked and that the legal department of the company prevented efforts to fully educate customers about the dangers.
How could that happen?
According to The Verge, it is worth reading the report of acclaimed IT security expert Krebs to see the full allegations. The bottom line is that hackers have full access to the company’s AWS servers. This is because ubiquiti is supposed to Root Manager logs in to a LastPass account left behind.
The attackers would be able to use the password manager to gain access to all the Ubiquiti network devices that the customers had set up to control through the company’s cloud service. And this online service is apparently required for some of the new Ubiquiti hardware.
What does Ubiquiti say?
When Ubiquiti finally made a statement this week, it was not exactly reassuring, comments The Verge – it was “completely unsatisfactory”.
The company reiterated its position that it had no evidence that user data was accessed or stolen.
If cancer showed the whistleblower explicitly stated that the company does not keep logs of who has access to the hacked server and who does not. Ergo: It could have no evidence.
Ubiquiti’s statement also confirms that the hacker tried to extort money from the company, but does not address the allegations of coverage.
Below we reproduce the original Ubiquiti statement that the US company published after the cancer statement report:
watson contacted Ubiquiti for comment on the allegations made by The Verge. An answer awaits.
What can Ubiquiti customers do?
Buyers or users of Ubiquiti hardware have already been asked by the company to change the password for online access. They must also enable two-factor authentication to prevent unauthorized third-party access.
That being said, customers can only wait and see if more information about the incident is leaked. If the criminal attackers sell or publish customer data on the internet, this will probably become known sooner or later.
Thanks for the ♥
Do you want to support Watson and journalism?
(You will be forwarded to complete the payment)
The worst computer attacks ever
This iPhone bug is ingeniously practical
You may also be interested in:
Sign up for our newsletter