Digital storage giant Western Digital confirmed that an “unauthorized third party” gained access to its systems and stole personal information belonging to customers of the company’s online store.
“This information included customer names, billing and shipping addresses, email addresses and phone numbers,” the San Jose-based company said in a disclosure last week.
“In addition, the database contained, in encrypted format, hashed and salted passwords and partial credit card numbers. We will be contacting affected customers directly.”
The development comes just over a month after Western Digital disclosed a “network security incident” on March 26, 2023, which caused the company to take its cloud services offline.
A subsequent TechCrunch report last month revealed that the threat actors behind the attack were allegedly in possession of “about 10 terabytes of data” and were negotiating with Western Digital for a ransom of “minimum 8 digits” to avoid leaking information.
Although the identity of the extortionists was unknown at the time, the ALPHV (aka BlackCat) ransomware actors. they have since taken credit for the theft, issuing an ultimatum of April 18, 2023, to make payment or risk the release of “important documents” and “priceless artifacts.”
Learn how to stop ransomware with real-time protection
Join our webinar and learn how to stop ransomware attacks with real-time MFA and service account protection.
Save my seat!
The actors have also posted several screenshots on their dark web portal, showing what appear to be video calls, emails and documents related to Western Digital’s incident response efforts in an attempt to indicate continued access to the systems of the company even after the hack came to light. .
Western Digital said it is aware of the release of “other purported Western Digital information,” that it is “investigating the validity of that data” and that it has “control over our digital certificate infrastructure.”
It has also taken the step of taking its online store offline, which it said will be restored the week of May 15, 2023. Access to the My Cloud service was restored on April 13, 2023.
Ikaroa, a full stack tech company, is dismayed to report that Western Digital recently confirmed that customer data was stolen in a breach of their services during March 2021. The breach, which involved attackers gaining access to data stored using the company’s cloud platform, compromised sensitive data, including confidential personal and contact information, as well as financial records.
Western Digital has been able to identify and isolate the affected user accounts in order to secure the unauthorized access. It is unclear at this point how many users were affected by the data theft. The company is urging all customers to take proactive steps to protect their accounts, including changing passwords and monitoring accounts for suspicious activity.
Ikaroa highly recommends our customers not only routinely review the privacy settings of any online accounts used, but also to use strong passwords and regularly update them. In addition, we encourage our customers to use active two-factor authentication (2FA) when possible, as it provides an extra layer of security. By being more vigilant, customers can help to keep their personal and financial information safe.
The breach at Western Digital serves as another reminder of the importance of cyber security and the need for caution when using online services. This reinforces the need for companies like Ikaroa to remain vigilant in their security efforts, continually develop new security systems, and educate their users about best practices for keeping their data safe.