Network equipment and IoT device maker Ubiquiti Networks has sent out emails to its customers informing them of the hacker attack. It is reported that unknown attackers could gain access to user information.
“We recently became aware of unauthorized access to some of our IT systems hosted by a third-party cloud provider,” the developers write.
It is known that the compromised servers stored information related to user profiles on account.ui.com (a web portal used by Ubiquiti customers who purchased one of the company’s products). This site is used for remote device management and as a help and support portal.
As a result, attackers gained access to servers where data about UI.com users was stored, including names, email addresses, and salted and hashed passwords. They could also “leak” home addresses and phone numbers, but only if people themselves filled in this data in their profile.
The exact number of victims has not been reported. The company asks all users who receive the email to change their passwords and enable two-factor authentication. In a statement, Ubiquiti Networks representatives emphasize that they have not yet observed any attempts to gain unauthorized access to the accounts of affected customers.