Brother
Professional
- Messages
- 2,590
- Reaction score
- 539
- Points
- 113
Users are concerned because of an error linking them to other people's devices.
Over the past 24 hours, users of Ubiquiti's popular line of wireless devices, UniFi, have reported receiving private video footage from cameras and managing devices owned by other users. This is reported by posts published on the social network Reddit.
One Reddit user said that his wife received a notification from UniFi Protect with an image from a security camera that does not belong to them. Two images were attached to the post: the first showed a traffic alert in a three-story courtyard surrounded by trees, and the second showed a user panel showing a completely different house.
Less than an hour later, another user in the same thread reported that when logging in to the site unifi.ui.com it ended up in someone else's account. Despite the fact that his email address was displayed in the corner of the screen, you could control someone else's UDM Pro device, including viewing and changing settings.
Other participants also reported similar problems. On Reddit, there were posts about UniFi users connecting to private devices or channels owned by other people. One of the posts included screenshots showing a video from an unfamiliar business that the user had full access to.
Another user wrote that when logging in to their account, Ubiquiti found another person's system management. The problem disappeared after logging out and clearing cookies.
On Thursday, Ubiquiti said it had discovered and fixed the bug. It turned out that due to the update of the UniFi cloud infrastructure, 1,216 Ubiquiti accounts were incorrectly linked to another group of 1,177 accounts. For a certain amount of time, users in one group received notifications and had temporary access to accounts in another group.
Ubiquiti actively responded to reports of the problem, emphasizing the seriousness of its attitude to the incident. The company's employees assure that the problem has been fixed and will not happen again.
Recall that similar incidents with incorrect login to accounts and access to other users ' data have already occurred on the Internet, including errors of T-Mobile, Chase Bank and other companies. This is often due to caching data in intermediate devices, which can sometimes lead to mixing of credentials from different accounts.
Over the past 24 hours, users of Ubiquiti's popular line of wireless devices, UniFi, have reported receiving private video footage from cameras and managing devices owned by other users. This is reported by posts published on the social network Reddit.
One Reddit user said that his wife received a notification from UniFi Protect with an image from a security camera that does not belong to them. Two images were attached to the post: the first showed a traffic alert in a three-story courtyard surrounded by trees, and the second showed a user panel showing a completely different house.
Less than an hour later, another user in the same thread reported that when logging in to the site unifi.ui.com it ended up in someone else's account. Despite the fact that his email address was displayed in the corner of the screen, you could control someone else's UDM Pro device, including viewing and changing settings.
Other participants also reported similar problems. On Reddit, there were posts about UniFi users connecting to private devices or channels owned by other people. One of the posts included screenshots showing a video from an unfamiliar business that the user had full access to.
Another user wrote that when logging in to their account, Ubiquiti found another person's system management. The problem disappeared after logging out and clearing cookies.
On Thursday, Ubiquiti said it had discovered and fixed the bug. It turned out that due to the update of the UniFi cloud infrastructure, 1,216 Ubiquiti accounts were incorrectly linked to another group of 1,177 accounts. For a certain amount of time, users in one group received notifications and had temporary access to accounts in another group.
Ubiquiti actively responded to reports of the problem, emphasizing the seriousness of its attitude to the incident. The company's employees assure that the problem has been fixed and will not happen again.
Recall that similar incidents with incorrect login to accounts and access to other users ' data have already occurred on the Internet, including errors of T-Mobile, Chase Bank and other companies. This is often due to caching data in intermediate devices, which can sometimes lead to mixing of credentials from different accounts.
