On the 11th of January, the networking equipment and Internet of Things (IoT) device provider started to send out emails to customers informing them of a recent security breach and asking them to change their passwords and enable two-factor authentication (2FA).


The company declared that someone obtained “unauthorized access” to their systems hosted by a “third-party cloud provider,” where information was stored for the web portal, a customer-facing device management service. 

The vendor said that the breach included names and email addresses, and that salted/hashed password credentials may have been compromised, alongside home addresses and phone numbers if customers had entered this data in the portal. It did not disclose how many customers were affected by the breach.

A few months later, a source who claims to have participated in the response to the security breach told security expert Brian Krebs that the incident was worse than it seemed, describing it as “catastrophic” and saying that the third-party cloud provider explanation was a “fabrication” and that the data breach was “massively downplayed”.

“It was catastrophically worse than reported, and legal silenced and overruled efforts to decisively protect customers. The breach was massive, customer data was at risk, access to customers’ devices deployed in corporations and homes around the world was at risk.”


According to this source, the cybercriminals gained administrative access to Ubiquiti's AWS databases through credentials stored in, and stolen from, an employee’s LastPass account. In this way they obtained root admin access to AWS accounts, S3 buckets, application logs, secrets for SSO cookies, and all databases, including those containing user credentials.

The cyber attackers contacted Ubiquiti and attempted to extort 50 Bitcoin (BTC) in return for silence, but the vendor did not engage with them. 
