This all started as an email, that caused some debate as to being genuine but as it was posted on the Ubiquiti Forums then i think we can assume it is. I can say that i have not yet received the email so i am going to assume that means that it probably doesn't apply - although i'm going to assume it does anyway as that's the safe thing to do.
So with this hitting the news i wanted to address it to reassure my clients, that i am aware and taking all the recommended steps and precautions.
Although i'm not personally concerned, (i will explain later) - I want to reassure my clients that i take these things seriously and that I have taken the advice provided as this seems like the sensible approach and if you have a UI.com account i suggest you do the same which is to reset both your Password and 2FA details. I have seen recommendations that says with 2FA you need to remove and then re-enable it to ensure new tokens are generated.
Is this a thing?
I don't really think so, My interpretation is that like many other companies they have cloud based IT and that at some point there was some form of “unauthorised access” but we don't know what systems or what was involved. so we don't really know what it means.
I think that this could mean all sorts of things, and while there has been some speculation and claims, it could mean anything.
So until more information is provided i put this in the “awareness, advisory and recommended” box more than anything.
It is always best practice to:
- Change credentials after any unauthorised access
- Always using different passwords with different accounts (e.g. a password manager)
- Use long passwords
- Use 2FA is available.
So i think were good.
If you have not seen it the post is copied below.
We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that there has been unauthorized activity with respect to any user’s account.
We are not currently aware of evidence of access to any databases that host user data, but we cannot be certain that user data has not been exposed. This data may include your name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted). The data may also include your address and phone number if you have provided that to us.
As a precaution, we encourage you to change your password. We recommend that you also change your password on any website where you use the same user ID or password. Finally, we recommend that you enable two-factor authentication on your Ubiquiti accounts if you have not already done so.
We apologize for, and deeply regret, any inconvenience this may cause you. We take the security of your information very seriously and appreciate your continued trust.