InfoSecBulletin Cybersecurity for mankind
Western Digital has shut down several of its services after detecting a security breach on its network, the digital storage giant announced on Monday.
The service outage, announced on April 2, impacts cloud, proxy, web, authentication, email, and push notification services, including My Cloud, My Cloud Home (Duo), My Cloud OS5, SanDisk Ibi, and SanDisk Ixpand Wireless Charger.
CYDES 2025 Reinforces Malaysia’s Vision of Secure and Trusted Digital Nation
Cisco alerts that Unified CM has hardcoded root SSH credentials
CYDES 2025
MCSS to implement 6 strategic goals with 7 objectives over 6 year: NACSA Chief
CYDES 2025
Malaysia placed cybersecurity heart of the regional agenda: DPM Ahmad Zahid
Amid Meta moves; OpenAI is largely shutting down next week: Wired
Canada orders Hikvision to close operations over national security
First couple “Rosie” to conceive using AI tech “STAR” successfully
Scattered Spider Actively Attacking Aviation and Transportation: FBI
Russia’s restrictions on Cloudflare making websites inaccessible
61 million Verizon records allegedly posted online for sale
In a press release issued on April 3, the company said it’s responding to an ongoing network security incident that involves an unauthorized third party gaining access to “a number” of its systems.
“Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts. This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities,” WD said.
The company is working on restoring impacted services and infrastructure. At this point in the investigation, it confirmed that the hackers did manage to gain access to certain types of data stored on its systems. The nature and scope of the compromised data is being determined.
SecurityWeek has reached out to Western Digital to find out if the attack involved ransomware and whether any customer information was compromised.
At the time of writing, WD does not appear to be mentioned on the leak site of any major ransomware group. However, even if the incident is a ransomware attack, if the intrusion is recent, the company will likely only be added to a leak website after negotiations have failed.
