[Wien] Ubiquiti: Change the password for your ui.com account!

Peter Kuhm (spam-protected)
Wed Mar 31 03:24:14 CEST 2021


--- snip ---
The attackers also provided proof they’d stolen Ubiquiti’s
source code, and pledged to disclose the location of another
backdoor if their ransom demand was met. [...]

Ubiquiti should have immediately invalidated all of its
customer’s credentials and forced a reset on all accounts,
mainly because the intruders already had credentials needed
to remotely access customer IoT systems.
--- snap ---

--https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/

| Whistleblower: Ubiquiti Breach “Catastrophic”
|
| On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet
| of Things (IoT) devices such as routers, network video recorders and
| security cameras — disclosed that a breach involving a third-party
| cloud provider had exposed customer account credentials. Now a source
| who participated in the response to that breach alleges Ubiquiti
| massively downplayed a “catastrophic” incident to minimize the hit
| to its stock price, and that the third-party cloud provider claim
| was a fabrication. [...]



On Tue, 12 Jan 2021 11:23:33 +0100 Albert Rafetseder wrote:

> Dear all,
> 
> if you have registered an account with Ubiquiti, please change your
> passwords. There may have been unauthorized access to the
> registration information.
> 
> Link here, text also copied below:
> 
> https://community.ui.com/questions/Account-Notification/96467115-49b5-4dd6-9517-f8cdbf6906f3
> 
> Thanks to David for forwarding this information in the Matrix chat!
> 
> Best regards,
>   Albert.
> 
> ----8<----
> 
> # Account Notification
> 
> We recently became aware of unauthorized access to certain of our
> information technology systems hosted by a third party cloud provider.
> We have no indication that there has been unauthorized activity with
> respect to any user’s account.
> 
> We are not currently aware of evidence of access to any databases that
> host user data, but we cannot be certain that user data has not been
> exposed. This data may include your name, email address, and the one-way
> encrypted password to your account (in technical terms, the passwords
> are hashed and salted). The data may also include your address and phone
> number if you have provided that to us.
> 
> As a precaution, we encourage you to change your password. We recommend
> that you also change your password on any website where you use the same
> user ID or password. Finally, we recommend that you enable two-factor
> authentication on your Ubiquiti accounts if you have not already done so.
> 
> We apologize for, and deeply regret, any inconvenience this may cause
> you. We take the security of your information very seriously and
> appreciate your continued trust.
> 
> Thank you,
> 
> Ubiquiti Team
> 



