2020 ended with the rather big and bad cybersecurity news around the SolarWinds exploit that laid bare many government and company emails. If you thought that 2021 would be more positive, that clearly isn’t the case given the news of the past few days. In terms of cybersecurity, the year is starting off rather poorly for owners of Ubiquiti routers, security cameras, and other IoT products as the company started reaching out to owners to tell them to change their passwords after discovering a rather serious security breach on a third-party cloud server.
The warning emailed to device owners is pretty much your standard notification for hacking incidents. The company says that information technology systems hosted by a third-party were breached but not Ubiquiti’s servers themselves. While it says there was no immediate evidence that databases with user data were accessed, it also doesn’t discount the possibility that these were exposed.
If they were, the payload from the hacking is quite a substantial one. The databases held names, email addresses, and hashed passwords at the very least. Those, however, may also include physical addresses and phone numbers if the user provided those details when they configured their device.
Although that’s pretty much on par with most hacking incidents, Krebs on Security reports that it actually has bigger implications for the company. It turns out that Ubiquiti requires that users authenticate with those cloud-based systems before they can interact with their devices. Those same systems have now been revealed to be the weak link in that chain, causing customers to complain even louder than they have before.
Ubiquiti is telling affected customers to change their passwords and, for good measure, enable two-factor authentication or 2FA. That’s always a good idea, anyway, but won’t save users from less than ideal security policies on the other end of the line.