(1 votes, average: 5.00 out of 5)
Cybercriminals reportedly stole 10 TB of data from Western Digital, a US-based data storage provider and the market leader in data storage, saying that the data contained client information.
According to news reports, hackers make a ransom demand of “minimum 8 figures” in return for withholding the stolen stuff from being made public online.
Western Digital reported, “Based on the investigation, we have learned that, on or around March 26, 2023, an unauthorized party gained a copy of a Western Digital database that contained limited personal information of our online store customers”.
Late Friday afternoon, the organization alerted customers via email about this security breach, informing them that their personal information was included in a Western Digital database that malicious actors had stolen during the activity.
“The details included the clients’ names, invoicing and delivery addresses, email addresses, and contact information. As a measure of security, the relevant database maintained hashed passwords and partial credit card details in an encrypted format.”
In a discussion with TechCrunch, one of the cybercriminals discussed the data breach in detail.
“The hacker shared a file that was digitally signed with Western Digital’s code-signing certificate, proving they could now digitally authenticate files to impersonate Western Digital,” the news story stated.
Additionally, they could access the company’s SAP Backoffice, a back-end interface designed to help organizations keep track of information related to online sales.
The hackers reportedly exchanged phone numbers used by several organization executives.
WD (Western Digital) claimed to be taking vigorous measures to protect its corporate activities. These actions include deactivating systems and services.
Renowned security and forensic experts supported the organization in initiating an investigation when the security problem was discovered and developing incident response measures, stated Western Digital.
Stern Digital is acting diligently to repair damaged infrastructure. According to Western Digital, it believes the malicious party accessed specific information from its systems under the investigation conducted. The organization attempts to figure out the nature and scope of the data.
While Western Digital is concentrating on fixing the security breach, it noted that specific aspects of the organization’s business activities had been affected and may continue to do so. Furthermore, WD advises impacted consumers to be attentive for spear-phishing attempts to harm them, in which cyber actors masquerade as the company and exploit the data they have obtained to collect more personal information from clients.
Western Digital discovered its network had been breached the day after it had experienced a cyberattack. The company pulled down its cloud services for a period of two weeks, along with its mobile, desktop, and online applications, in response to the incident.