The hacker turned out to be the former employee

03.12.2021

Back to news

The hacker attack turned out to be an insider breach. According to the Security Week, Ubiquiti has got the company’s data impacted earlier this year in the alleged hacker attack.

The data breach concerned involvement of a cloud services provider. The company’s representatives were informing the customers insisting that they change their passwords just in case.

The investigation had taken some time before one of employees who was aiding the research process dropped a hint that the situation around the incident was much worse claiming that the violator gained access to the accounts and could easily misuse any confidential information which would seem appealing to him.

The employee contacted Brian Krebs, Ubiquiti suffered significant reputation loss.

Soon it appeared that the company’s former employee was accused of getting an unauthorised access to the systems, as the FBI took the investigation under control. There were charges announced against the violator by the Justice Department.

The unauthorised intrusion implied the power abuse or abuse of his administrative access. He took gigabytes of sensitive data depriving the company’s GitHub and AWS servers of privacy.

He was one of those who got assigned to investigate the incident, he asked for 50 bitcoin the company could pay him in exchange for data retrieving. The amount was equal to $1.9 million back then.

The FBI made Nickolas Sharp’s only participation obvious after finding his name on the Pay Pal account from which the VPN service was purchased. Another and probably the key evident finding was that the employee used his own IP address to access the corporate systems once when his VPN failed.