Ubiquity, a maker of video surveillance and network cameras, has fixed a flaw that users say accidentally allowed them to access other customers’ private accounts and live video streams.
Reports Appeared for the first time On Reddit that some Customers received push notifications On their phones it displays information related to their Ubiquiti account and private video streams of other customers. Another person said he logged into his Ubiquiti account but… Another customer’s account information has been provided.
“I’m logged in and it looks like I’m someone else,” one person said on the Ubiquiti subreddit. Another said they have “full access” to dozens of consoles that aren’t theirs.
Ubiquiti is a cloud and technology company that makes routers, network switches, and security and video surveillance equipment, which can be controlled and operated remotely through its centralized cloud offerings.
in Later post in his community forumUbiquiti said it “identified — and addressed — the cause of this issue,” which the company said was caused by an upgrade to its cloud infrastructure.
“We have been made aware of a small number of instances where users received push notifications on their mobile devices that appeared to come from unknown consoles, or where these users gained access to consoles that did not appear to be their own,” he wrote in a message. An unnamed Ubiquiti employee.
The company said that 1,216 accounts from one group were incorrectly linked to another group of 1,177 accounts, and that mixed access continued for approximately nine hours on December 13.
Although this appears to be a misconfiguration rather than a criminal incident — and mistakes do happen — it is a reminder that Ubiquiti still maintains broad access and control over its customers’ devices and data.