Ubiquiti accounts hacked: Users should change their password
Ubiquiti is currently asking users to change the password for their cloud account. According to an email with the subject “Account Notification”, there may have been unauthorized access to the company's IT systems.
The company is currently sending emails to all users with a Ubiquiti account, advising them to change their account password and turn on two-factor authentication. If you host your UniFi Controller locally in your network, you shouldn't have a problem. However, users with a Cloud Key that does not run in standalone mode do need an account, which could be affected here.
We checked the email and were able to verify that it was a real email from Ubiquiti. The notice also appears in the Community forum. Nevertheless, to be on the safe side, you should check the links manually to see whether they really point to “account.ui.com”, or log in there directly.
Change password for other services as well
It is possible that users' names, email addresses and hashed passwords were exposed. If you also have a telephone number and address stored in the account, these could also have been accessed. For security reasons, the company recommends changing the password and also activating two-factor authentication.
As with every hack, it cannot be ruled out that the attackers could use the passwords, and it is just as unclear how securely the passwords were actually stored. You should therefore, as quickly as possible, also change the password used for the Ubiquiti account on any other services where it is used. In general, it is advisable to use a separate password for each service or to get a password manager. Two-factor authentication also improves security. We have explained why that makes sense in this guide.
Related to the outage at the weekend?
At the weekend, Ubiquiti had to contend with an outage of exactly the cloud services mentioned above, as can be seen on the status page. It is not known whether the two incidents are related, but it could be the case. Thanks to BleepingComputer (via Twitter) for this food for thought.