It appears that an employee is responsible for the hack at Ubiquiti in January this year. The American Public Prosecution Service has arrested a man who hacked and extorted his own employer and the circumstances indicate that it is Ubiquiti.
The 36-year-old man used a Surfshark VPN subscription to mask his personal data, the US Department of Justice reports. Due to internet outages, his real IP address was logged once, but then he used his access to the systems to delete it. In December, he downloaded gigabytes of confidential data from his employer.
He then worked during his work hours to remedy the incident. He then sent a message to his employer as the hacker and demanded 50 bitcoins, at that time almost 2.5 million euros. In return, he promised to keep their break-in a secret and gave details of a second backdoor.
After the FBI searched his home on March 24, he pretended to be a whistleblower. The man released the message that his employer had downplayed the impact of the hack. That drove the company’s market value down 20 percent, the DOJ said.
There’s a lot of evidence that it’s the Ubiquiti hack, as The Verge lists. The suspect’s name matches a LinkedIn profile of someone who worked as a cloud lead at Ubiquiti from August 2018 to March 2021. According to the DOJ, the suspect worked for his employer from 2018 onwards. The suspect is also from Portland, Oregon and the LinkedIn profile lists Portland suburb of Beaverton as the residence of the Ubiquiti employee.
The company, unnamed by DOJ, is in New York, as is Ubiquiti. It related to a hack in January and a whistleblower in March who said the hack had been more serious than the company said. The share price subsequently fell from $376 to $296, a fall in value of nearly 20 percent. The suspect is charged. The charges together carry a maximum sentence of 37 years in prison.