cyber Breach

Ubiquiti Inc.

May 24, 2022 1 min read
Ubiquiti Inc.

Networking device maker Ubiquiti suffered from a data breach security incident that exposed its customers' data.

An unauthorized party gained access to certain of Networking device maker Ubiquiti information technology systems hosted by a third party cloud provider.

The compromised information included name, email address, the one-way encrypted password, account address and phone number.

Ubiquiti investigated the incident and started emailing customers to change their passwords and enable 2FA.

Source: https://www.bleepingcomputer.com/news/security/networking-giant-ubiquiti-alerts-customers-of-potential-data-breach/

TPRM report: https://scoringcyber.rankiteo.com/company/ubiquiti-

"id": "ubi135424522",
"linkid": "ubiquiti-",
"type": "Breach",
"date": "01/2021",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Networking Devices',
                        'name': 'Ubiquiti',
                        'type': 'Company'}],
 'attack_vector': 'Unauthorized access to third party cloud provider',
 'customer_advisories': 'Emailing customers to change their passwords and '
                        'enable 2FA',
 'data_breach': {'data_encryption': 'One-way encrypted password',
                 'personally_identifiable_information': ['name',
                                                         'email address',
                                                         'account address',
                                                         'phone number'],
                 'type_of_data_compromised': ['Personal Information']},
 'description': 'Networking device maker Ubiquiti suffered from a data breach '
                "security incident that exposed its customers' data. An "
                'unauthorized party gained access to certain of Networking '
                'device maker Ubiquiti information technology systems hosted '
                'by a third party cloud provider. The compromised information '
                'included name, email address, the one-way encrypted password, '
                'account address and phone number. Ubiquiti investigated the '
                'incident and started emailing customers to change their '
                'passwords and enable 2FA.',
 'impact': {'data_compromised': ['name',
                                 'email address',
                                 'one-way encrypted password',
                                 'account address',
                                 'phone number']},
 'initial_access_broker': {'entry_point': 'Third party cloud provider'},
 'investigation_status': 'Investigated',
 'post_incident_analysis': {'corrective_actions': ['Emailing customers to '
                                                   'change their passwords',
                                                   'Enabling 2FA']},
 'response': {'communication_strategy': ['Emailing customers'],
              'remediation_measures': ['Emailing customers to change their '
                                       'passwords',
                                       'Enabling 2FA']},
 'threat_actor': 'Unauthorized party',
 'title': 'Ubiquiti Data Breach',
 'type': 'Data Breach'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.