Western Digital discloses network breach, My Cloud service down

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,564
Content source
https://www.bleepingcomputer.com/news/security/western-digital-discloses-network-breach-my-cloud-service-down/
Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems.

The California-based computer drive maker and provider of data storage services says in a press release that the network security incident was identified last Sunday, on March 26.

An investigation is in early stages and the company is coordinating efforts with law enforcement authorities.

“Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts,” Western Digital says in the disclosure.

Based on evidence found so far, the company believes that the intruder had access to some of the company data.

My Cloud service down

In the wake of the attack, the storage maker has implemented additional security measures to safeguard its systems and operations. These steps may impact some of the Western Digital services.

The company said that the incident "has caused and may continue to cause disruption to parts of the Company’s business operations."

Since Sunday, multiple users of Western Digital’s network-attached storage (NAS) service My Cloud have been reporting they couldn't access their cloud-hosted media repositories.

At time of writing, trying to log into the service, including the Home version, shows a "503 Service Temporarily Unavailable" error.

More than 24 hours have passed since the first reports of the outage, with cloud, proxy, web, authentication, emails, and push notifications being unavailable.

The My Cloud service status page notes that the issue is affecting the following products: My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, SanDisk Ixpand Wireless Charger.
Click to expand...
www.bleepingcomputer.com

Western Digital discloses network breach, My Cloud service down

Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Wow
  • +Reputation
  • Like
Reactions: Nevi, [correlate], upnorth and 5 others
vtqhtr413

vtqhtr413

Level 26
Verified
Top Poster
Well-known
Aug 17, 2017
1,484
Users of the Western Digital My Cloud service are fuming after a network breach has locked them out of their data for more than 24 hours and has put company-handled information into the hands of currently unknown hackers. The inability to access data stored in My Cloud was reported on social media by multiple users, including this one, who indicated the outage started sometime on Saturday. Since then, the number of users (and their anxiety levels) have only ratcheted up.
Click to expand...
arstechnica.com

Users fume after My Cloud network breach locks them out of their data

The compromise allowed hackers to steal data, raising the specter of ransomware.
arstechnica.com arstechnica.com
 
  • Like
  • Wow
Reactions: Nevi, [correlate], Jonny Quest and 5 others
vtqhtr413

vtqhtr413

Level 26
Verified
Top Poster
Well-known
Aug 17, 2017
1,484
On Friday, five days into a massive outage impacting its cloud services, Western Digital provided customers with a workaround to access their files. Since April 2nd, the outage has prevented users from accessing files stored on their WD NAS devices, as it required access to the company's cloud services. The complete list of services that were down throughout this week includes My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS 5, SanDisk ibi, and SanDisk Ixpand Wireless Charger, together with linked mobile, desktop, and web apps.
Click to expand...
www.bleepingcomputer.com

Western Digital struggles to fix massive My Cloud outage, offers workaround

On Friday, five days into a massive outage impacting its cloud services, Western Digital finally provided customers with a workaround to access their files.
www.bleepingcomputer.com www.bleepingcomputer.com

I wonder if this earlier issue is related
malwaretips.com

Western Digital fixes critical security vulnerabilities in My Cloud NAS systems

Western Digital is patching vulnerabilities in the My Cloud OS 3 firmware of the My Cloud EX2, My Cloud EX4 and My Cloud Mirror NAS systems that could allow attackers to gain full access to the devices. The manufacturer describes only one of the critical vulnerabilities (server-side request...
malwaretips.com malwaretips.com
 
  • +Reputation
  • Like
Reactions: Nevi, [correlate], Jonny Quest and 2 others
vtqhtr413

vtqhtr413

Level 26
Verified
Top Poster
Well-known
Aug 17, 2017
1,484
“We are the vermin who breached your company. Perhaps your attention is needed!” the hackers wrote, according to a copy of the email the hackers shared with TechCrunch. “Continue down this path and we will retaliate.” “We only need a one-time payment, and then we will leave your network and let you know about your weaknesses. No lasting harm has been done. But if there are any efforts to interfere with us, our systems, or anything else. We will strike back,” the hackers continued. “We are still buried in your network and we will keep digging there until we find a payment from you. We can completely conceal this and make it all disappear.
Click to expand...
techcrunch.com

Hackers claim vast access to Western Digital systems

One of the hackers who breached Western Digital provided some details about the hack, the data stolen, and what the hackers are demanding.
techcrunch.com techcrunch.com
 
  • Like
  • +Reputation
  • Wow
Reactions: Nevi, peterfat11, [correlate] and 4 others
P

plat

Level 29
Top Poster
Sep 13, 2018
1,793
Another message from ALPHV, the group behind the Western Digital hack, where they also acknowledge the TechCrunch interview in BryanB's post above mine.. There is some nasty vulgarity which I've blotted out (no I do NOT want warning points on my profile, thanks). You can find the original text on the original source's Twitter homepage.

alphvransomware.PNG

https://twitter.com/vxunderground

Edited to remove direct link.
 
Last edited:
  • Like
  • Wow
Reactions: Nevi, harlan4096, vtqhtr413 and 3 others
vtqhtr413

vtqhtr413

Level 26
Verified
Top Poster
Well-known
Aug 17, 2017
1,484
From the screenshots leaked by ALPHV, the threat actors are implying that they had continued access to some of Western Digital's systems as they show video conferences and emails about the attack. One image includes the "media holding statement" and another is an email about employees leaking information about the attack to the press. Included with the leaked data is another message from the threat actors, where they claim to have customers' personal information and a complete backup of WD's SAP Backofffice implementation.
Click to expand...
www.bleepingcomputer.com

Hackers leak images to taunt Western Digital's cyberattack response

The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating they likely had continued access to the company's systems even as the company responded to the breach.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
  • Wow
Reactions: Nevi, [correlate], Gandalf_The_Grey and 5 others
vtqhtr413

vtqhtr413

Level 26
Verified
Top Poster
Well-known
Aug 17, 2017
1,484
After learning that hackers obtained sensitive personal information in a cyberattack in March, Western Digital pulled its store offline and notified consumers of the data breach. Late Friday afternoon, the business sent out emails warning of the data breach and informing clients that their personal information was contained in a Western Digital database that had been stolen. “Based on the investigation, we recently learned that, on or around March 26, 2023, an unauthorized party obtained a copy of a Western Digital database that contained limited personal information of our online store customers,” Western Digital said.
Click to expand...
cyberintelmag.com

Western Digital Claims Client Data Was Stolen by Hackers in March Cyberattack - Cyberintel Magazine

After learning that hackers obtained sensitive personal information in a cyberattack in March, Western Digital pulled its store offline and notified consumers of the data breach.
cyberintelmag.com cyberintelmag.com
 
  • +Reputation
  • Like
Reactions: Nevi, [correlate], silversurfer and 2 others
CyberTech

CyberTech

Level 44
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
Western Digital is warning owners of My Cloud series devices that can no longer connect to cloud services starting on June 15, 2023, if the devices are not upgraded to the latest firmware, version 5.26.202.

The storage manufacturer decided to take this drastic measure to protect its users from cyberattacks, as the latest firmware addresses a remotely exploitable vulnerability that can be leveraged to perform unauthenticated code execution.

"Devices on firmware below 5.26.202 will not be able to connect to Western Digital cloud services starting June 15, 2023, and users will not be able to access data on their device through mycloud.com and the My Cloud OS 5 mobile app until they update the device to the latest firmware," explains a Western Digital support bulletin.
Click to expand...
For more information
www.bleepingcomputer.com

Western Digital boots outdated NAS devices off of My Cloud

Western Digital is warning owners of My Cloud series devices that can no longer connect to cloud services starting on June 15, 2023, if the devices are not upgraded to the latest firmware, version 5.26.202.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: upnorth, vtqhtr413, Gandalf_The_Grey and 3 others
You must log in or register to reply here.

Similar threads

MuzzMelbourne
    • Applause
    • +Reputation
Western Digital Blocks Unpatched Devices From Cloud Services
Replies
0
Views
574
News Archive
MuzzMelbourne
MuzzMelbourne
Gandalf_The_Grey
    • Like
    • +Reputation
Paramount discloses data breach following security incident
Replies
0
Views
918
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
CyberTech
    • Like
Technology Western Digital execs vote to split biz in two: HDD and flash
Replies
0
Views
281
Technology News
CyberTech
CyberTech

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top