 Tom here from Lawrence Systems. And if you haven't done so already, go change your password and your 2FA for your ubiquity account. They suffered some type of data breach, and they're rather vague about what type of data breach they suffered, which is kind of be expected. I'll leave a link to the Krebs article on it, which doesn't really have a ton of information other than how to reset your 2FA. And then he links to the account notification, which was also sent out to many people via email to let you know that the breach occurred. Now, not many details are in here, and this is not a justification, this is an explanation. When lawyers get involved, they want to avoid certain levels of litigation and protect these companies. So, to avoid litigation, they limit the communication. And, like I said, I'm not justifying, I'm just kind of giving the statement of what happens in large companies, especially publicly traded ones with lots of money and lots at stake. Well, they have an incident. They're generally relatively quiet about this. This is in certain name of any company. You rarely get solid debriefs on security incidents. I actually applaud Microsoft, who's been rather forthcoming regarding the recent SolarWinds incident, and had quite a bit of information, same with FireEye and things like that. But they are specialty companies with even bigger legal teams, and I think most of the time when you are even the size of your ubiquity, lawyers just say, shut up. And reality is, no one from the technical team really wants to sit in court, unpaid, explaining nuanced details of cybersecurity and what not to a general audience of people in some type of litigious lawsuit or class action lawsuit or anything else because of the way they worded something. So, you'll find most people just shut up about it because, like I said, court's no fun. Back to the things you should do that ubiquity should have done better though is say, hey, reset your password and your 2FA. Krebs mentioned that in his article. Ubiquity didn't mention it in their official statement. I mean, I agree they should have done it. I don't know what else to do about it. And like I said, I don't think we're going to get a ton more information on this particular topic. But that being said, this is me addressing it because people have tagged me and Twitter posted over and over and don't understand that they should probably just comment on the one forum post. They've now created numerous forum posts in my forums, numerous places on Reddit. Everyone just asking the same thing. What do you know? What do you know? We're not likely to know much unless someone from Ubiquity quietly leaks something. And trust me, that person does not want to put their official name on it. And maybe we'll get some type of debrief. This doesn't occur in occasionally places like bleeping computer. Get some inside scoop on things from somebody inside the company. It may remain anonymous, but that's all we know. Now, they did mention it was third party. They did not mention who the third party was. I will address this because me and Riley had a conversation about this last night. That third party is not Hostify. Unify has no direct relationship with Riley Chase. We talked about this. He did call his company Hostify and Unify. He is playing off of a name to some name recognition, but there is no actual relationship to the company. Matter of fact, he just created a service that offers Unify hosting and Unify doesn't even offer Unify hosting anymore. So it was not even a competitive service, but they're separate entities. So they did not share any data with Riley Chase that could have been leaked. There's no relationship there, but Riley's been hammered a little bit by messages himself going, are you the third party? And he's like, no, I am not a third party to that. So I will address that. We don't know who the third party is at this time. Maybe more information will come out later. Honestly, these videos are less fun to make because they're going to have this little trend of popularity and then some other company is going to get breached and you're going to completely forget that the Unify ever had a breach just like so many other companies. When I bring up the any security incidents, I've brought up other companies and people are like, they were breached. I'm like, yeah, only a year ago and everyone's like, I don't remember that. I'm like, yeah, the cybersecurity world happens fast and incidents are well, unfortunately, very frequent. And it gets lost in the news that major companies have breaches just on a pretty regular basis. And it's an unfortunate side effect of the collision of security budgets, sometimes not being enough or misconfigurations because security is rather challenging and the attackers only have to be right once in a while. One final thing. I don't think there's a ton of worry, but there is certain concerns, of course, of people who keep their cloud accounts registered and people ask me about that when you use their cloud to tie in. I actually avoid that even for our customer stuff with the exception of the Unify video because it's greatly convenient to do so. For the most part, when it comes to critical infrastructure, especially, you know, routing and switching, I, well, we don't even use Unify for routing, but we'll say switching and access points. The controllers are behind firewalls, not publicly accessible. And then VPN is how we actually get to the admin interfaces on those. So I don't usually tie things to those cloud accounts. And this is one way you can help mitigate some of the risk. So it's not as concerning from a, you know, who might have accessed it or any of those details because I'm not tying that in there. Now, unfortunately, if you have something like one of the Unify Dream Machines or the Dream Machine Pro, they require registration with their site. So there is obviously a little bit more concern because that registration was required to get those devices set up. I've complained about that in the videos in the past regarding those devices. I wish that was not a feature. And some people are pretty adamant. They don't ever want to buy one of those because of that feature. And I tend to agree with you on that. I don't think devices should be forced into some type of cloud registration because once they are, if they discontinue that particular cloud, then so does the device. The device becomes a brick because it can't be registered anymore. And that's unfortunate about not just Unify, but this has happened with other companies. So go change your password, reset your 2FA, which Unify should have said that you should do. Read the Krebs article. I don't know if more news is to come on this or not. Reading around and through the back channels that I know, even nobody really seems to know much about it. It also could be a very simple, like they found a misconfigured bucket. It could be that simple. And then they're just following due diligence and reporting it. They said that they don't see any of this being compromised. Time will tell if that password leaks out, if that database is found on a dark web. Then we'll have more answers, but right now we don't. So that's where it sits right now. And you can stop posting new threads in my forum and new threads on Reddit and tagging me on Twitter. Yes, I'm aware of the Unify breach. Thank you. And thank you for making it to the end of the video. If you liked this video, please give it a thumbs up. If you'd like to see more content from the channel, hit the subscribe button and hit the bell icon if you'd like YouTube to notify you when new videos come out. If you'd like to hire us, head over to laurancesystems.com. Fill out our contact page and let us know what we can help you with and what projects you'd like us to work together on. If you want to carry on the discussion, head over to forums.laurancesystems.com where we can carry on the discussion about this video, other videos or other tech topics in general, even suggestions for new videos. They're accepted right there on our forums, which are free. Also, if you'd like to help the channel in other ways, head over to our affiliate page. We have a lot of great tech offers for you. And once again, thanks for watching and see you next time.