Western Digital has shut down several of its services after detecting a security breach on its network, the digital storage giant announced on Monday.
The service outage, announced on April 2, impacts cloud, proxy, web, authentication, email, and push notification services, including My Cloud, My Cloud Home (Duo), My Cloud OS5, SanDisk Ibi, and SanDisk Ixpand Wireless Charger.
By infosecbulletin
/ Saturday , February 15 2025
Xploit_Cr3w and Blind_Virus are the two champion teams categorically for BCS ICT Fest 2025 arranged jointly by BCS and BUET....
Read More
By infosecbulletin
/ Friday , February 14 2025
Between December 2024 and January 2025, Recorded Future's Insikt Group discovered a campaign targeting unpatched Cisco devices used by major...
Read More
By infosecbulletin
/ Friday , February 14 2025
On February 13, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued 20 advisories about serious vulnerabilities in Industrial Control...
Read More
By infosecbulletin
/ Friday , February 14 2025
The new Astaroth Phishing Kit can bypass two-factor authentication to steal login credentials for Gmail, Yahoo, and Microsoft. It uses...
Read More
By infosecbulletin
/ Thursday , February 13 2025
A sophisticated malware campaign is targeting military and government entities in Bangladesh. It uses social engineering to deliver malicious files...
Read More
By infosecbulletin
/ Thursday , February 13 2025
CrowdStrike has issued a security advisory for a serious TLS vulnerability, CVE-2025-1146, in its Falcon Sensor for Linux, Falcon Kubernetes...
Read More
By infosecbulletin
/ Thursday , February 13 2025
Palo Alto Networks has issued advisories for two critical vulnerabilities in its PAN-OS. The vulnerabilities, CVE-2025-0108 and CVE-2025-0110, may enable...
Read More
By infosecbulletin
/ Thursday , February 13 2025
Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC)...
Read More
By infosecbulletin
/ Wednesday , February 12 2025
Last year, a joint investigation revealed that a Florida-based data broker, Datastream Group, was selling highly sensitive location data that...
Read More
By infosecbulletin
/ Wednesday , February 12 2025
In 2024, Intel addressed a remarkable 374 vulnerabilities across its software, firmware, and hardware products, distributing bug bounty rewards for...
Read More
In a press release issued on April 3, the company said it’s responding to an ongoing network security incident that involves an unauthorized third party gaining access to “a number” of its systems.
“Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts. This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities,” WD said.
The company is working on restoring impacted services and infrastructure. At this point in the investigation, it confirmed that the hackers did manage to gain access to certain types of data stored on its systems. The nature and scope of the compromised data is being determined.
SecurityWeek has reached out to Western Digital to find out if the attack involved ransomware and whether any customer information was compromised.
At the time of writing, WD does not appear to be mentioned on the leak site of any major ransomware group. However, even if the incident is a ransomware attack, if the intrusion is recent, the company will likely only be added to a leak website after negotiations have failed.