Western Digital confirms breach, shuts down systems

NAS users unable to access data

clock • 2 min read
Security researchers have speculated that the incident could be ransomware-related
Image:

Security researchers have speculated that the incident could be ransomware-related

US-based storage services provider Western Digital has shut down its My Cloud consumer cloud and backup service due to a systems hack.

On 26th March the company detected a security incident where it says an "unauthorised third party" was able to access several systems.

The investigation is still in its early stages, and Western Digital is working with law enforcement to manage the situation.

"Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts," Western Digital said.

The company says it has found evidence showing that the intruder obtained some of its data, although the extent of the leak is still being determined.

Western Digital is now taking steps to enhance its security protocols, including temporarily shutting down certain systems and services.

The firm is working to restore affected infrastructure and services now, but there could still be some disruption to business operations.

Since Sunday, a number of users of the My Cloud network-attached storage (NAS) service have reported issues accessing their cloud-hosted media repositories. Attempts to log in, including for the Home version, have resulted in a "503, service temporarily unavailable" error message.

The service outage has impacted a range of its products and services, including the following devices:

  • My Cloud
  • My Cloud Home
  • My Cloud Home Duo
  • My Cloud OS5
  • SanDisk ibi
  • SanDisk Ixpand Wireless Charger

Western Digital is a major storage manufacturer, known for its Western Digital and SanDisk brands that produce spinning and solid-state hard drives, portable drives, USB drives and storage media for digital cameras.

Western Digital also produces the My Cloud family of personal NAS devices and multi-purpose servers.

At this time, there is no information available regarding the specifics of the unauthorised access to Western Digital's network and the theft of its data.

Brett Callow, a ransomware expert at security firm Emsisoft, speculated the firm may have been struck by ransomware.

If the incident is indeed a ransomware attack, data stored in My Cloud or the code required for customers to access it may have been compromised by the attacker(s).

This is not the first time that the company's My Cloud services have experienced issues.

Two major vulnerabilities of Western Digital's My Book Live series of products were found in 2021, which attackers could exploit to remotely wipe the hard drives within the NAS enclosures.

Related Topics

Author spotlight

Dev Kundaliya

View profile
More from Dev Kundaliya

AI firm C3 to shift EMEA HQ from Paris to London

Interview: Nettitude, Security Excellence Awards finalist

More on Hacking

Government supplier Capita hit by IT issue sparking fears of cyberattack
Hacking

Government supplier Capita hit by IT issue sparking fears of cyberattack

No evidence of any data being compromised, says Capita, although cause of the outage remains unclear

Dev Kundaliya
clock 03 April 2023 • 3 min read
At least 50 US government personnel targeted with commercial spyware
Hacking

50 US government staff targeted with commercial spyware

'We were were astounded by the number,' says senior official

Dev Kundaliya
clock 28 March 2023 • 3 min read
Former Meta executive targeted in 'Predator' spyware attack
Hacking

Meta executive targeted by 'Predator' spyware, report

It remains unclear as to why Seaford was targeted for surveillance

Dev Kundaliya
clock 21 March 2023 • 3 min read