Western Digital Corp., a major computer storage drive manufacturer, disclosed that hackers gained access to its internal database used for its online store. Personal customer information such as names, addresses, and partial credit card details were compromised in the cyberattack.
Western Digital Cyberattack Details
2.1 A March Cyberattack
On March 26th, Western Digital suffered a cyberattack, in which threat actors breached its internal network and stole company data. However, no ransomware was deployed and files were not encrypted.
2.2 Compromised Data and Ransom Requests
Initially, TechCrunch revealed that an undisclosed group of hackers infiltrated Western Digital, boasting the theft of ten terabytes of data. Additionally, the attackers asserted they had extracted information from the company’s SAP Backoffice system.
2.3 ALPHV Ransomware Gang Involvement
Despite the perpetrator disavowing any connection to the ALPHV ransomware group, a threatening message quickly surfaced on the group’s data leak platform, cautioning that Western Digital’s data would be exposed if ransom negotiations were not initiated.
Western Digital’s Reaction
3.1 Suspension of Cloud Services
As a countermeasure to the cyberattack, the firm temporarily halted its cloud services for a fortnight, encompassing My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS 5, SanDisk ibi, and SanDisk Ixpand Wireless Charger, as well as associated mobile, desktop, and web applications.
3.2 Investigating Data Leaks
Western Digital is currently investigating the validity of the leaked data and will continue to report its findings as appropriate.
ALPHV Taunts Western Digital
4.1 Screenshots of Emails and Video Conferences
The ALPHV ransomware operation published screenshots of internal emails and video conferences stolen from Western Digital, indicating they likely had continued access to the company’s systems even as the company responded to the breach.
4.2 Consequences of Persistent Access
Such access enables the monitoring of the company’s reaction and further data theft. Based on the screenshots shared by ALPHV, the cybercriminals insinuate that they maintained access to certain Western Digital systems, as evidenced by the video conferences and emails concerning the attack.
Western Digital’s Position on Ransom Talks
Currently, Western Digital has chosen not to engage in ransom negotiations to avert the disclosure of pilfered data, eliciting additional threats from the cybercriminals.
Impact on Western Digital’s Business
Despite the cyberattack, Western Digital has been able to maintain its factories’ operations and continues to ship products to meet customer needs. The company’s shares were up 1.2% at 3:25 p.m. in New York trading.
Best Virtual Payment Card
If you are able, we kindly ask for your support of Logll Tech News today. We appreciate it.
Sergio Richi
Editor, Logll Tech News
Conclusion
The Western Digital cyberattack highlights the need for companies to invest in cybersecurity measures to protect customer data and maintain trust. As cyberthreats evolve, it is crucial for organizations to stay ahead by constantly improving their security posture and being prepared to respond quickly and effectively to such incidents.
Join Our Newsletter
Subscribe to receive our latest updates in your inbox!
Frequently Asked Questions
FAQs:
Q1: What happened in the Western Digital cyberattack?
A: On March 26th, Western Digital suffered a cyberattack where hackers breached its internal network and stole company data, including personal customer information such as names, addresses, and partial credit card details.
Q2: Who is responsible for the cyberattack on Western Digital?
A: While an "unnamed" hacking group initially claimed responsibility for the breach, the ALPHV ransomware operation later posted a message on their data leak site warning Western Digital that their data would be leaked if a ransom was not negotiated.
Q3: How did Western Digital respond to the cyberattack?
A: Western Digital shut down its cloud services for two weeks and has been investigating the validity of the leaked data. The company has not negotiated a ransom to prevent the leak of stolen data.
Q4: What does the ALPHV ransomware operation's involvement imply?
A: The ALPHV ransomware operation's involvement, along with the published screenshots of internal emails and video conferences, suggests that they may have had continued access to Western Digital's systems even as the company responded to the breach.
Q5: How has the cyberattack impacted Western Digital's business?
A: Western Digital has managed to keep its factories operational throughout the incident and continues to ship products to meet customer needs. The company's shares were up 1.2% at 3:25 p.m. in New York trading.
