New York City- based IoT device maker Ubiquiti recently disclosed a data breach that was downplayed. After news of the catastrophic data breach, the shares of the company fell significantly this week. In January, Ubiquiti informed customers that unauthorized access to some IT systems hosted by a third-party cloud provider occurred. The company said in January there was no evidence of user data being compromised, but that users should change their passwords. On March 30, cybersecurity blogger Brian Krebs reported that the incident had been massively downplayed to protect the company’s stock market value.
The attacker gained access to Ubiquiti’s AWS servers and attempted to extract 50 bitcoin to remain silent. In December 2020, Ubiquiti removed a couple of backdoors planted and changed employee credentials. Ubiquiti could not comment in detail on Wednesday after the report from Krebs, due to an ongoing investigation. Ubiquite repeated that the experts have not found evidence that user data was accessed or targeted by the attack. Ubiquiti shares have fallen to $290 from $350 a shore on March 30.