Western Digital Confirms Theft of Customer Data by Hackers
Western Digital, a leader in digital storage, acknowledged that an “unauthorized third party” broke into its network and stole consumer personal information from the company’s online store.
The San Jose-based company said in report last week that:” This information included customer names, billing and shipping addresses, email addresses and telephone numbers, In addition, the database contained, in encrypted format, hashed and salted passwords and partial credit card numbers. We will communicate directly with impacted customers”
The change occurs just over a month after Western Digital disclosed a “network security incident” on March 26, 2023, which led the business to suspend its cloud services.
Following the incident, TechCrunch reported last month that the threat actors were purportedly in control of “around 10 terabytes of data” and were negotiating with Western Digital for a ransom of “minimum 8 figures” to prevent the material from being leaked.
At the time, the extortionists’ identities were unclear, but later, ALPHV (also known as BlackCat) ransomware operators claimed responsibility for the theft and gave a deadline of April 18, 2023, to pay up or risk losing “important documents” and “priceless artifacts.”
In an effort to show continuing access to the company’s systems long after the hack became public, the actors have also posted a number of screenshots on their dark web domain, showing what appear to be video calls, emails, and documents relating to Western Digital‘s incident response activities.
Western Digital stated that it is aware of the release of “other alleged Western Digital information,” that it is “investigating the validity of this data,” and that it has “control over our digital certificate infrastructure.” However, the business did not say how many consumers were impacted.
Additionally, it said that it will be restoring access to its online store during the week of May 15, 2023. On April 13, 2023, access to the My Cloud service was re-established.
Our Readers ALSO READExperts Detail New Zero-Click Windows Vulnerability