Ransomware

Western Digital’s cloud storage service went down for days due to breach

Western Digital hasn’t clarified the nature of the incident, but says unauthorized parties may have accessed ‘certain data.’
article cover

Petesphotography/Getty Images

less than 3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

Storage device manufacturer Western Digital (WD) experienced a breach that knocked out its My Cloud digital service, locking users out of their files for days—and the hackers now claim to have reams of internal and customer data.

On April 3, WD issued a statement disclosing it had identified a “network security incident” on March 26, resulting in an “unauthorized third party” gaining access to company systems. The company added it had begun shutting down services and systems as part of a proactive security measure.

“Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts,” WD wrote in the statement. “The Company believes the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data,” the statement continued.

WD did not include further details about the nature of the security incident in the statement. However, TechCrunch reported being contacted by hackers who claimed to have lifted 10 terabytes of data from the manufacturer, and who also provided “a file that was digitally signed with Western Digital’s code-signing certificate,” demonstrating their ability to impersonate the company.

The hackers told TechCrunch they had stolen data from Western Digital’s SAP Backoffice—an e-commerce platform—as well as other files, including internal communications, files from storage instances, and information on executives and customers. They are demanding a “minimum 8 figures” ransom, according to TechCrunch.

Western Digital PR rep Charlie Smalling declined to comment beyond the company’s original statement.

According to Ars Technica, users began reporting outages of My Cloud Home and Cloud OS 5 services as early as April 2. WD’s official status page for those tools continued to list them as offline until April 12. A search on Twitter showed dozens of users complaining about an inability to access their files, with some stating the ongoing outage had kept them from working.

Some users may even be locked out of files stored on devices in their own homes, Ars Technica reported. That’s because enabling local network access to My Cloud-synced storage devices requires logging in through a WD portal that is among the affected services.—TM

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

I
B