Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Western Digital Shuts Down Services Due to Cybersecurity Breach

Western Digital shuts down several of its services after discovering a network security breach.

WD data breach

Western Digital has shut down several of its services after detecting a security breach on its network, the digital storage giant announced on Monday.

The service outage, announced on April 2, impacts cloud, proxy, web, authentication, email, and push notification services, including My Cloud, My Cloud Home (Duo), My Cloud OS5, SanDisk Ibi, and SanDisk Ixpand Wireless Charger.

In a press release issued on April 3, the company said it’s responding to an ongoing network security incident that involves an unauthorized third party gaining access to “a number” of its systems. 

“Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts. This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities,” WD said.

The company is working on restoring impacted services and infrastructure. At this point in the investigation, it confirmed that the hackers did manage to gain access to certain types of data stored on its systems. The nature and scope of the compromised data is being determined. 

SecurityWeek has reached out to Western Digital to find out if the attack involved ransomware and whether any customer information was compromised.

At the time of writing, WD does not appear to be mentioned on the leak site of any major ransomware group. However, even if the incident is a ransomware attack, if the intrusion is recent, the company will likely only be added to a leak website after negotiations have failed. 

Advertisement. Scroll to continue reading.

Related: Synology, QNAP, WD Warn Users About Vulnerabilities Exploited at Hacking Contest

Related: Zero-Day Vulnerability Exploited in Recent Attacks on WD Storage Devices

Related: Old Vulnerability Exploited to Hack, Wipe WD Storage Devices

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.

Data Breaches

AT&T is notifying millions of wireless customers that their CPNI was compromised in a data breach at a third-party vendor.

Cybercrime

Instant Checkmate and TruthFinder have disclosed data breaches affecting a total of more than 20 million users.

Data Breaches

Health services company Independent Living Systems has disclosed a data breach that impacts more than 4 million individuals.