Hackers Swipe Western Digital Customers’ Data: How It Happened & What’s Next

Written by Troy Hanson | Edited by Alisa Stepaniuk
Sections of this topic

    In this article, we’ll delve into the recent cyberattack on Western Digital and how the company is dealing with the aftermath of stolen customer data.

    Key Takeaways:

    1. Western Digital’s systems were hacked, leading to stolen customer information.
    2. The company has been working with forensic experts to assess the damage.
    3. Customers were notified of the breach and given advice on protecting their personal information.
    4. It is unclear how much damage has been done and how many people have been impacted by the breach.
    5. Hackers attempted to extort Western Digital but published some data when their demands were not met.

    The Cyberattack on Western Digital

    A significant data breach has shaken the digital storage giant, Western Digital. On March 26, the company discovered an alarming network security incident. 

    It was revealed that cybercriminals had gained unauthorized access to a number of the company’s systems.

    As a precautionary measure, Western Digital swiftly disconnected its systems and services from the public internet. 

    This action was taken to secure its business operations and prevent further damage. 

    The company has since been working diligently on its restoration process, and most of the impacted systems and services are now back online.

    Assessing the Damage: Stolen Customer Data

    In collaboration with outside forensic experts, Western Digital has confirmed that the hackers managed to obtain a copy of one of its databases. 

    This database was specifically used for the company’s online store and contained personal information of its customers.

    The stolen data included customer names, billing and shipping addresses, email addresses, and telephone numbers. 

    Additionally, the database contained encrypted, hashed, and salted passwords and partial credit card numbers. 

    This process of encrypting, hashing, and salting data makes it substantially more difficult for hackers to access the original plaintext information.

    Notifying Customers and Advising on Protection

    Upon confirming the data breach, Western Digital took immediate action to notify the customers whose data was stolen. 

    The company reached out to the affected customers through email, informing them of the network security incident involving their online store accounts.

    To help customers safeguard themselves in the wake of this breach, Western Digital offered precautionary measures to follow. 

    These measures included being cautious of unsolicited communications asking for personal information or directing to web pages requesting personal data.

    The company recommended that its customers should not click on links or download any attachments from emails that seem suspicious. 

    Additionally, the customers were advised to check the spam settings of their email accounts, so that any suspicious emails could be detected and blocked.

    Extortion Attempts and Data Publication

    Following the cyberattack, the hackers involved in the breach attempted to extort Western Digital. 

    They claimed to have stolen approximately 10 terabytes of data, which included customer information. 

    The hackers demanded a significant ransom, promising not to publish the stolen data if their demands were met.

    However, Western Digital did not comply with the hackers’ demands. 

    This defiance led the cybercriminals to publish some of the stolen data on the website of the ransomware gang Alphv. 

    In a post on April 28, the hackers threatened to share leaks every week until they lost interest, including code signing certificates, firmware, and personally identifiable information of customers.

    As of now, it does not appear that the hackers have published the full trove of stolen data. Western Digital is continuing its efforts to investigate and mitigate the consequences of this significant data breach.

    Conclusion

    The cyberattack on Western Digital has undoubtedly caused considerable concern for both the company and its customers. 

    As the company works to recover from the attack and protect its customers, it serves as a stark reminder that cybersecurity should be a top priority for businesses and individuals alike. 

    We must remain vigilant and proactive in safeguarding our sensitive information against ever-evolving cyber threats.

    Troy Hanson