News
News Categories

Western Digital suffers network breach, says hackers stole data (Updated with hackers' demands)

By Kenny Yeo - on 14 Apr 2023, 9:43am

Western Digital suffers network breach, says hackers stole data (Updated with hackers' demands)

Note: This article was first published on 4 April 2023 and was updated on 14 April 2023 with extra details surrounding the breach.

(Image source: Western Digital)

Western Digital confirmed in a statement that the company suffered a "network security incident" last week.

The incident occurred on 26 March 2023 and "an authorised third party gained access to a number of the company's systems."

An investigation is underway. Immediately after discovering the incident, Western Digital said it implemented "incident response efforts" and initiated an investigation with "the assistance of leading outside security and forensic experts."

That said, based on the evidence found so far, Western Digital believes the hacker has likely accessed and stolen some company data.

In addition, TechCrunch reports that the incident could be linked to ransomware.

In the meantime, Western Digital is taking measures to ensure customers' data remain safe and has taken several of its systems and services offline.

At this point, Western Digital's My Cloud service status webpage shows that all of its My Cloud services are down. This means owners of My Cloud NAS systems cannot access their files through the internet.

**Update on 14 April 2023**

According to a report from TechCrunch, the hackers who breached Western Digital claims to have stolen around 10TB of data which includes customer data. The hackers also shared screenshots showing a folder from a Box account, an internal email, and files stored in a PrivateArk instance. They also showed a screenshot of a group call where one of the participants is allegedly Western Digital's chief information security officer.

More worryingly, the hackers demonstrated that they could impersonate Western Digital by sharing a file that was digitally signed with Western Digital's code-signing certificate. Two security researchers who looked at the file agreed that it was indeed signed with the company's certificate.

The report goes on to say that the hackers want a "one-time payment" of a minimum of eight figures

The hacker who spoke with TechCrunch said:

We are the vermin who breached your company. Perhaps your attention is needed! Continue down this path and we will retaliate.

We only need a one-time payment, and then we will leave your network and let you know about your weaknesses. No lasting harm has been done. But if there are any efforts to interfere with us, our systems, or anything else. We will strike back. We are still buried in your network and we will keep digging there until we find a payment from you. We can completely conceal this and make it all disappear. Before it is too late, let us do that. Until now, you have been gracious; Let’s hope that you do not keep going the wrong way.

Western Digital reportedly declined to comment or answer questions about the hacker's claims. Earlier, the company said that it would provide "updates as appropriate" but have yet to do so since issuing a formal statement on 2 April 2023.

Source: Western Digital via Business Wire, TechCrunch

Join HWZ's Telegram channel here and catch all the latest tech news!
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.