International Cyber Expo International Cyber Expo
  • About Us
Friday, 10 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Ubiquiti accused of downplaying a “catastrophic” security breach

The source said the breach was much worse than Ubiquiti let on

by The Gurus
April 1, 2021
in News
Share on FacebookShare on Twitter

American journalist and investigative reporter Brian Krebs reported this week that a whistleblower has alleged that Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras, has  massively downplayed a “catastrophic” incident to minimize the hit to its stock price.  and that the third-party cloud provider claim was a fabrication. Back in January, Ubiquity disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. According to an anonymous source that contacted KrebsOnSecurity, the third-party cloud provider claim was a fabrication.

Commenting on the news, Paul Norris, senior systems engineer, EMEA, at Tripwire, stated: “In this particular case, Ubiquiti suggested the fault was with a Cloud Provider, when in fact the faults appear to be Ubiquiti. They failed to take responsible actions and decided to play down the breach for the sake of their share price.” 

“This is a prime example where the organisation is responsible for the security controls within Cloud environments and not necessarily the Cloud Service Provider. The CSP provides the platform and tools for organisations to secure their environments and should not be held accountable for weakened security. Hardening systems is best way for organizations to secure their cloud and prevent inadvertent exposure,” Norris added.

Robert Meyers, Channel Solutions Architect, CISM, CDPSE and Fellow of Information Privacy at One Identity, said that, when a major IoT provider has a breach, it reaches across industries and brings up questions of privacy and security.  “Well, it happened. While Ubiquiti was breached in January, details that have come to light this week highlight the importance of what can happen when you do not manage three areas with the concept of both privacy and security: privileged access management, log management, and least privileged access,” said Meyers.

Robert Meyers offered some further observations and recommendations:

Today if you have privileged accounts, they simply need to be managed like privileged accounts.  They need to have multiple layers of security.  They need to have auditing, which happens in real-time for at least the basics. Access for privileged use has to be restricted to the minimum access required to do the job, yes that touches on least privilege which goes hand in hand.  If you don’t manage your privileged accounts in business, then you are ignoring security.

Now if log management was a control point, it could have been caught quicker, and if the logs were managed, they would allow a live track down of who did the deed, instead of the waffling we have seen.

And least privilege. Companies need to stop making universal access accounts.  You can only breach what you can access.  So don’t give people access to what may be tens of millions of accounts… and whatever else those files included.

In the world of privacy laws and compliance requirements, you need a data lifecycle for all your data.  It should cover creation, use, storage, and deletion.  And all this should include pseudonymization of the data when it cannot be anonymized, in addition to encryption and general security.

It’s time to get with the times and not be stuck announcing breaches, let alone for details needing to rely on a whistleblower that speaks on the condition of anonymity for fear of retribution.  Secure your company, and be able to stand up tall and say what your company has done for its customers.

 

ShareTweet
Previous Post

North Korean hackers targeting Google researchers

Next Post

IoT and IIoT security a major concern for security pros, research finds 

Recent News

Cyber Shield

UK Government Unveils AI Powered Cyber Shield to Strengthen National Cyber Defense

July 10, 2026
KnowBe4 phishing by industry

Healthcare, Hospitality and Construction Named UK’s Most Phishing-Prone Industries

July 10, 2026
hand typing on keyboard

CitrixBleed 2 exploited in repeatable attack chain culminating in DragonForce ransomware, researchers find

July 9, 2026
malware

Huntress Uncovers ‘Vibe-Coded’ Malware Used to Map Active Directory Environments

July 8, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol