Western Digital confirms that hackers managed to access the personal data of its customers during the cyberattack of April 2023. The online sales platform is still out of service…
Western Digital is in turmoil! More than a month after suffering a cyberattack, the manufacturer of popular storage systems (hard drives, portable drives, NAS, servers, etc.) finally recognizes that hackers have indeed accessed its database, stealing personal information from customers, leading to the suspension of online sales on the site. As a reminder, the company had announced on Monday April 3, as reported The BusinessWire, having suffered a cyberattack on March 26, during which an unauthorized third party had been able to access a certain number of systems, without the company giving more details as to the nature of the data. The mystery is now solved…
Western Digital hack: the online sales platform suspended
During this attack, hackers gained access to customers’ names, shipping addresses, email addresses and phone numbers. This database also contains passwords and partial credit card numbers, but Western Digital claims they were encrypted. A statement that goes in the direction of the information revealed by the group of criminals to Techcrunch in April, which said it recovered 10TB of data, including personal phone numbers of Western Digital executives, internal emails and data on e-commerce operations. They claimed to have demanded a ransom “at least 8 digits” – or at least $10,000. Some of this data had also been made public on a hacking forum, with the threat of revealing everything if the ransom was not paid.
Another worrying point: the cybercriminals had also indicated that they still have access to the servers and can create code signing certificates – which ensure users that the code they receive has not been modified or corrupted during mail. On this point, the company ensures that it always has control of its digital certificate infrastructure and that, “in the event that we should take preventative measures to protect customers, we may revoke the certificates”. Access to its online sales platform is still suspended, at least until May 15. Western Digital advises its customers to beware and change their passwords. They’ll have to expect targeted messages impersonating the company’s name over the next few months…
Western Digital hack: online services blocked
This unexpected visit had impacted some of Western Digital’s services as well as its commercial activities. Thus, all of the My Cloud, My Cloud Home, My Cloud Home Duo, and My Cloud OS5, SanDisk ibi, SanDisk Ixpand Wireless Charger services were inaccessible during, the firm having blocked them to avoid any additional problems. Cloud, push notifications, authentication, email, proxy, and web services were also down. Also no need to rely on customer support, as helpdesk was overwhelmed, not to mention unable to access data as services were down.
Western Digital immediately contacted law enforcement and said it had “implemented incident response efforts” And “launched an investigation with the assistance of leading outside security and forensic experts”. The affected infrastructure was restored on April 12, as indicated service status page. This is not the first time that the company has been the victim of hacking! Already in June 2021, the manufacturer’s network storage (NAS) servers had been affected by security breaches, which had allowed attackers to reset the devices remotely – which had deleted tens of TB of data users in just a few minutes.