Ubiquiti says customer data may have been accessed in data breach

Ubiquiti, one of the biggest sellers of networking gear, including routers, webcams and mesh networks, has alerted its customers to a data breach.

In a short email to customers on Monday, the tech company said it became aware of unauthorized access to its systems hosted by a third-party cloud provider. Ubiquiti didn’t name the cloud company, when the breach happened or what caused the security incident. A company spokesperson did not respond to requests for comment.

But the company confirmed that it “cannot be certain” that customer data had not been exposed.

“This data may include your name, email address, and the one-way encrypted password to your account,” said the email to customers. “The data may also include your address and phone number if you have provided that to us.”

Although the email says passwords are scrambled, the company says users should update their passwords and also enable two-factor authentication, which makes it harder for hackers from taking the stolen passwords and using them to break into accounts.

Ubiquiti account users can remotely access and manage their routers and devices from the web.

The networking company quickly followed its email with a post on its community pages confirming that the email was authentic, after several complained that the email sent to customers included typos.