Ubiquiti is accused of covering up a catastrophic data breach
Ubiquiti, a company whose customer-class routers have become synonymous with security and manageability, is facing charges of covering up a catastrophic security breach.
After 24 hours of silence, the company issued a statement that did not dismiss any of the whistleblower's claims.
Ubiquiti originally emailed its customers about a supposed minor security breach in a third-party cloud service provider on January 11th.
But cybersecurity news site KrebsOnSecurity noted that the hack was actually much worse than Ubiquiti talked about.
Ubiquiti itself appears to have been compromised, and the company's legal team has blocked efforts to accurately inform clients about the risks.
- According to the information, the hackers gained full access to the company's AWS servers - Ubiquiti left the primary admin logins in the LastPass account.
- The hackers could access any Ubiquiti network equipment that customers had prepared for control over the company's cloud service.
- They also managed to obtain cryptographic secrets for single-entry and remote access cookies, the entire content of source code control, and hacking of signature keys.
In its new statement, the company reiterated its view that it has no evidence to indicate that any user data has been accessed or stolen, Ubiquiti's statement also confirms that the hacker attempted to blackmail her for money.
But the company does not keep logs, which would serve as evidence of who entered or did not access the compromised servers.
The company admits that its IT systems have been accessed, and many technologists trust the company's network equipment, as it has promised full control of the network without concerns over cloud-based solutions.
Ubiquiti has failed to properly communicate with its customers, and users are only being asked to change passwords, but the most appropriate response is to immediately close all accounts and require a password to be reset.