Internet of things (IoT) vendor Ubiquiti is warning customers to change their passwords after data may have been exposed.

The company is a major networking equipment vendor, selling routers, webcams, mesh networks and smart home security devices.

Go deeper with GlobalData

Premium Insights

The gold standard of business intelligence.

Find out more

Related Company Profiles

View all

In an email to customers, the company said that its systems, hosted by a third-party cloud provider, may have been accessed, with user profiles for Ubiquiti’s a web portal potentially affected.

The data “may” include names, email addresses, and one-way encrypted account passwords, meaning the passwords are hashed and salted, as well as the address and phone numbers of some customers.

Ubiquiti said that currently there is “no indication that there has been unauthorized activity with respect to any user’s account” and that there was no evidence that any databases that host user data had been accessed. However, the company said that it could not “be certain that user data has not been exposed”.

As a result, Ubiquiti is now asking customers to change their account password and enable two-factor authentication as a precaution. It also recommends that customers change any passwords for other accounts that may be the same as the one used for Ubiquiti.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The company said: “We apologise for, and deeply regret, any inconvenience this may cause you. We take the security of your information very seriously and appreciate your continued trust.”

Jake Moore, cybersecurity specialist at ESET, said:

“As breaches go, this is not as damaging as it could be, but this is yet another blow for cybersecurity, as this is a company which prides itself on security. On the other hand, this does also shine a light on how sophisticated some threat actors are becoming and how every company, whatever size, needs to constantly review its security.

“Changing passwords really doesn’t have to be a difficult task, especially if a password manager is involved. Multi-factor authentication is vital in current times to give you not only that extra layer of security but also piece of mind due to these inevitable data breaches.”

Read More: Ticketmaster fined $10m for hacking rival’s computer system