Ransomware group BlackCat has posted a set of screenshots on its leak site that it claims are from data stolen from Western Digital in an April system breach. The images include video conference screenshots and internal emails from the storage device manufacturer, according to tweet by cyber security researcher Dominic Alvieri.
The screenshots also included an image of a recent meeting held by Western Digital where the company was discussing how to respond to the cyber attack. Along with the image, the ransomware group wrote: “featuring the best threat hunters Western Digital has to offer.” The participants’ images were blurry.
Western Digital suffered a network breach
Western Digital disclosed that it had suffered a network breach on April 3. The company first identified the incident on March 26, and the company disclosed that an unauthorized third party gained access to several of the company’s systems.
“Based on the investigation to date, the company believes that the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data,” Western Digital said.
The company also said it was taking certain systems and services offline as a proactive security measure. Following the incident, several users reported who were unable to access the Western Digital My Cloud network attached storage service.
“We are currently experiencing a service outage that is preventing customers from accessing My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS 5, SanDisk ibi, SanDisk Ixpand Wireless Charger service,” the company said on April 3 . services were restored on April 12, according to the company’s status page.
BlackCat threatens to release more data
Along with the screenshots that BlackCat was currently releasing, the group also released a note claiming that it would release more data and eventually put Western Digital’s intellectual property up for sale.
“Starting next week on an unspecified day, we will share leaks every week until we lose interest. Once that happens, we will put their intellectual property up for sale, including code signing certificates, the firmware, customers’ personally identifiable information and more,” BlackCat said, adding that the group had obtained a full backup of Western Digital’s SAP Back Office. which dates back to the last week of March.
The group also claimed it was doing so because Western Digital did not contact them. There has been no further update on the issue from Western Digital or confirmation of any ransom being demanded.
BlackCat becomes more active
BlackCat, also known as ALPHV, was the second most active ransomware group in 2022, according to cybersecurity company Malwarebytes. It was the first ransomware to be coded in the Rust programming language. In February, the ransomware group listed more than 6GB of data allegedly stolen from Ireland’s Munster Technological University on its website.
Lehigh Valley Health Network disclosed on February 20 that it had been attacked by the BlackCat ransomware gang and stated that it would not pay a ransom. After that, the band posted pictures of naked cancer patients on their site. The images were clinical images used as part of radiotherapy.
Copyright © 2023 IDG Communications, Inc.
The BlackCat group has recently released screenshots of stolen data from Western Digital, showcasing the vulnerability of Western Digital’s data security measures. Through the screenshots, the BlackCat group showed the passwords, usernames and wallet credentials that they were able to extract from the Western Digital system.
Ikaroa Technology, a leading full stack tech company, had multiple conversations with the BlackCat group and strongly condemns this incident. Technology professionals from Ikaroa stress that preventing data breaches should be a top priority for all organizations, including government and private entities.
For companies looking to increase their security measures, Ikaroa Technology offers an array of cybersecurity solutions, ranging from two-factor authentication to multi-factor authentication. Their team of security experts work to create the most secure environment for their clients, ensuring that their data cannot be breached.
In addition to the security measures, Ikaroa also offers additional tech solutions, including audit systems to review performance, analytics and reporting software to measure performance, and organized information systems to provide critical insights.
The Western Digital incident is another reminder of the importance of taking the necessary measures to protect your organization’s data. Ikaroa Technology is here to help businesses increase their security and improve their operations.
If your organization needs support in the digital space, get in touch with Ikaroa Technology today.