Hacking

Western Digital’s data breach just keeps getting worse

The storage manufacturer confirmed that unauthorized parties obtained customer data, and is still gauging what else the hackers may have stolen.
article cover

Francis Scialabba

· less than 3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

Storage manufacturer Western Digital has acknowledged that a major breach earlier this year, which took out consumer cloud services for over a week, resulted in the loss of its customers’ data to unauthorized parties.

In a May 5 press release, Western Digital said hackers stole a database associated with online retail sales. The company identified the breach on March 26 and initially disclosed their response on April 2. The company wrote that it had worked with “outside forensic experts” over the course of its investigation.

“This information included customer names, billing and shipping addresses, email addresses, and telephone numbers,” the press release stated. “In addition, the database contained, in encrypted format, hashed and salted passwords and partial credit card numbers.”

“We will communicate directly with impacted customers,” the company added.

The release additionally acknowledged reports that “other alleged Western Digital information has been made public,” likely referring to a TechCrunch article that reported that the alleged attackers demonstrated their ability to falsify Western Digital’s code-signing certificate, and provided evidence they had obtained 10 terabytes of data. Parts of the haul seen by TechCrunch included executives’ personal data, corporate files and emails, and information from SAP Backoffice, an e-commerce management platform.

TechCrunch had reported the hackers were demanding a “minimum 8 figures” ransom, an exorbitant amount by cybercrime standards.

It’s not clear how many customers were affected, although one Western Digital client shared a copy of a notification email with TechCrunch. Ransomware group Alphv (aka BlackCat) has taken credit for the incident, Hacker News reported, and has issued threats and taunts alongside various screenshots intended to demonstrate the breadth of their access.

Charlie Smalling, a PR rep for Western Digital, declined to comment beyond the May 5 press release.—TM

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.