Is this real has anyone received the fillowing:
Rec from ubnt.com
nothing on their website don’t trust
We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that there has been unauthorized activity with respect to any user’s account.
We are not currently aware of evidence of access to any databases that host user data, but we cannot be certain that user data has not been exposed. This data may include your name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted). The data may also include your address and phone number if you have provided that to us.
As a precaution, we encourage you to change your password. We recommend that you also change your password on any website where you use the same user ID or password. Finally, we recommend that you enable two-factor authentication on your Ubiquiti accounts if you have not already done so.
Change Password
Enable Two-Factor Authentication
We apologize for, and deeply regret, any inconvenience this may cause you. We take the security of your information very seriously and appreciate your continued trust.
I also received it. I Just made an account to look if anyone had some more info on this. Local tech websites have reported on it but the mail is very vague to what products are affected or what’s going on.
The sent the email out as soon as they were aware of the breach, before verifying what was accessed/stolen. That is responsible of them. They don’t know what was accessed, but have clearly laid out the maximum that could have been accessed based on the breach.
The “product” affected is their single sign on / cloud infrastructure.
I wouldn’t be surprised if something is going on there… Lots of strange discussions in the forums. Possibly they have been properly hacked. “Confirmed official” is a little strange, considering that UI-Team has no previous posts. registered August 28 2020
People are also complaining about credit card only used for Unifi have been used elsewhere.
This just make ZERO sense…
We recently became aware of unauthorized access to certain of our information technology systems
on the Ubiquiti Discord (which is unofficial, but several confirmed Ubiquiti employees hang out there and say things sometimes) UI-Glenn wrote:
You will all receive an email regarding it eventually, you can start changing without the email.
Which is why I say its “confirmed official”.
UI-Team on the forums was introduced in August because the forums were becoming very toxic towards specific team members. So now any post by any team member has its username changed to UI-Team. You can still tag specific UI accounts on the forum.
Your quote from the email is missing the most important part:
certain of our information technology systems hosted by a third party cloud provider
It was the third party that was hacked, not Ubiquiti. This also partially accounts for why Ubiquiti hasn’t talked about all the details yet - they may not have them. There may also be contractual obligations between them and the provider.
Starting to gain traction Brwainer. Looking legit.
People should go direct to change the password as most of us usually stressed IT guys will never just click.
Poor show from UniFi not putting out a public statement. And a crappy response just now on their forum trying to verify all the post starting to pile up there.
I had the same thought and checking Unifi’s website and seeing nothing my reaction was this a fishing attempt. Ubiquiti needs to be forthcoming with responses with public announcements as well as email so as not to cause confusion or misdirection for net admins.