Ubiquiti hiccup gave customers sneak peek into others’ view.

December 17, 2023
1 min read

Ubiquiti, a maker of security and networking equipment, announced that it had resolved a misconfiguration issue that was allowing some customers to view other users’ surveillance feeds and access their accounts. The company stated that the issue was due to a cloud system misconfiguration and assured that all accounts were properly associated across their infrastructure as of Thursday evening. This incident brought concerns about a potential security breach, and many customers shared their experiences on platforms such as Reddit. Ubiquiti did not provide specific details about the number of customers affected but continues its investigation into the incident.

  • A cloud system misconfiguration allowed some Ubiquiti customers to see the surveillance footage of other users and access their accounts.
  • Ubiquiti confirmed that the problem has been fixed and all accounts are now correctly associated across their infrastructure.
  • Ubiquiti did not disclose the number of customers affected by the misconfiguration and they are still investigating the matter.

Ubiquiti customers began to report strange behavior with their notifications on Wednesday, with some receiving alerts from surveillance cameras that did not belong to them. The company’s UniFi Protect application is designed to allow users to manage and configure multiple surveillance cameras, watch live feeds and download footage. However, the misconfiguration made it possible for users to view feeds and access accounts of strangers.

Despite fixing the problem, Ubiquiti is yet to provide the specific details about the number of customers affected or the breadth of the data breach and continues to investigate the incident. The company said it believes fewer than a dozen customers had unauthorized remote access to their accounts, and it vowed to notify those affected. This comes as Ubiquiti is notifying another set of customers about a compromise of their routers by Russian cyber spies.

Although Ubiquiti maintains that only a small number of users were affected, this situation illustrates the potential risks and vulnerabilities tied to IoT devices and cloud-based services. Cases like these emphasize the need for individuals and businesses to understand the privacy and security implications of using such technologies.

Latest from Blog

Top VPN’s privacy claims confirmed by independent auditors

TLDR: Independent auditors from Deloitte Romania confirmed CyberGhost VPN’s privacy claims through a detailed audit of their systems. Auditors found that CyberGhost’s no-logs infrastructure works as expected, ensuring user data privacy. Independent

MediSecure hacked with massive ransomware data breach

Summary of ‘MediSecure hit by large-scale ransomware data breach’ TLDR: MediSecure, an Australian prescriptions provider, was hit by a large-scale ransomware attack. The incident is believed to have originated from one of

Equalizing cybersecurity for all

TLDR: A discussion on how organizations can enhance their cybersecurity posture with Blumira’s automated threat monitoring, detection, and response solutions. Blumira is working to lower the barrier to entry in cybersecurity for