Western Digital has revealed it has been hit by a cyber attack, forcing the company to shut down some of its systems.
The company said on 3 April that it identified a network security incident on 26 March. It confirmed that an unauthorised third party gained access to a number of the company’s systems.
After realising it had been breached, Western Digital enacted its incident response protocols and hired external security and forensic experts.
The data storage company said the investigation is still in the early stages, but it’s also coordinating with law enforcement authorities.
Western Digital said it is taking systems and services offline to “secure its business operations”. It’s currently working to restore impacted infrastructure or services.
“Based on the investigation to date, the company believes the unauthorised party obtained certain data from its systems and is working to understand the nature and scope of that data,” the company said.
Western Digital warned that the cyber attack may cause some disruption to its business operations as it is focusing its efforts on “remediating this security incident”.
The company is currently experiencing a widespread service outage on a range of its products, including its network attached storage (NAS) devices:
- My Cloud
- My Cloud Home
- My Cloud Home Duo
- My Cloud OS5
- SanDisk ibi
- SanDisk Ixpand Wireless Charger
“We are working to restore service. We apologise for any inconvenience. Next update will be posted on Monday, April 3,” Western Digital said on its My Cloud service status page.
It appears that cloud, proxy, web, authentication, emails, and push notification services are all down.
A number of users have shared on Twitter that they are experiencing difficulties with logging into the My Cloud service.
"The login service for WD My Cloud Home is unavailable,” tweeted Alejandro Lorente. “Thank you @westerndigital for not letting me access my data that I have in the living room.”
Full details of the incident are yet to be revealed, but Western Digital is the latest in a string of high-profile organisations to have been breached in recent weeks.
Many others including Pension Protection Fund UK, the City of Toronto, Rubrik, and others are all thought to have been attacked via exploits of Fortra's GoAnywhere product.
Ransomware gang Cl0p has previously claimed that it has breached more than 130 organisations through exploits of the vulnerability, and posted American multinational Procter and Gamble on its victim blog on Monday morning as its latest high-profile attack.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Capita handed £50m London police contract weeks after losing pension dataNews The outsourcer will provide digital fraud reporting services after its cyber incident disclosure drew criticism
-
Supercharge trust for operationsWhitepaper Innovating through uncertainty
-
Lazarus blamed for 3CX attack as byte-to-byte code match discoveredNews Additional analysis suggested 3CX developer teams ignored "red flags"
-
Some GitHub users must take action after RSA SSH host key exposedNews One cloud security expert likened the incident to the infamous HeartBleed bug from 2014
-
Latitude hack now under state investigation as customers struggle to protect their accountsNews The cyber attack has affected around 330,000 customers, although the company has said this is likely to increase
-
Four-year-old iframe flaw allows hackers to steal Bitwarden passwordsNews The password manager has known about the issue since 2018, publicising it in a report in 2018
-
WH Smith hit by cyber attack, current and former staff data accessedNews The company stated that it is notifying staff members who have been affected
-
Australia commits to establishing second national cyber security agencyNews The country is still aiming to be the most cyber-secure country in the world by 2030
