InfoSecBulletin Cybersecurity for mankind
Western Digital has finally restored the My Cloud service after more than a week following a hack, but those behind the breach claim to have stolen customer data.
The My Cloud service returned on Wednesday, 10 days after Western Digital officially reported an outage that made the online storage platform inaccessible for users.
Joint cybersecurity advisory
Botnet infects 260,000 SOHO routers, IP cameras with malware
By infosecbulletin
/ Wednesday , September 18 2024
The FBI has alerted that cyber actors have compromised over 260,000 internet-connected devices, mainly routers, to form a large botnet...
Read More
Chrome 129 Released Fix with multiple Security Flaws
By infosecbulletin
/ Wednesday , September 18 2024
Google has released Chrome 129 for Windows, Mac, and Linux users. The update will be available gradually over the next...
Read More
Broadcom fixed RCE bug in VMware vCenter Server
By infosecbulletin
/ Wednesday , September 18 2024
Broadcom has fixed a serious VMware vCenter Server vulnerability that allows attackers to execute remote code on unpatched servers through...
Read More
Cybercriminal now misuse Microsoft Azure tool to steal data
By infosecbulletin
/ Wednesday , September 18 2024
Ransomware groups like BianLian and Rhysida use Microsoft's Azure Storage Explorer and AzCopy to steal data from hacked networks and...
Read More
Apple warns users to install iOS 18 to Fix 33 iPhone Vulnerabilities
By infosecbulletin
/ Tuesday , September 17 2024
Apple has released iOS 18, the latest update for iPhones and iPads. Along with new features, it mainly focuses on...
Read More
CISA adds windows and whatsUp Gold vuls to its KEV
By infosecbulletin
/ Tuesday , September 17 2024
CISA has warned Microsoft Windows MSHTML Platform Spoofing Vulnerability and Progress WhatsUp Gold SQL Injection Vulnerability actively exploited security flaws,...
Read More
Petroleum and Fuel Industry
FleetPanda exposes Nearly One Million Documents
By infosecbulletin
/ Tuesday , September 17 2024
Cybersecurity researcher Jeremiah Fowler found a non-password-protected database with 780,000 records from FleetPanda, a tech provider for dispatch management. The...
Read More
DESCO faces cyber attack: Customers Data Breach
By infosecbulletin
/ Tuesday , September 17 2024
A recent dark web scan revealed that customer data from Dhaka Electric Supply Company Limited (DESCO) has been exposed. The...
Read More
Alert! Google Fixes GCP Composer Flaw
By infosecbulletin
/ Monday , September 16 2024
Tenable Research found and fixed a remote code execution (RCE) vulnerability, called CloudImposer, in Google Cloud Platform (GCP). This flaw...
Read More
CTF in Bangladesh: Unveiling Challenges, Opportunities and remedies
By infosecbulletin
/ Sunday , September 15 2024
In this article, we won’t dive too deep into the technical aspects of Capture The Flag (CTF) competitions. Instead, we...
Read More
The outage occurred right as Western Digital reported a breach that it first detected on March 26 involving hackers infiltrating the company’s systems and stealing some data. As a “proactive measure,” Western Digital took certain systems and services offline, likely to examine the full scope of the breach and to purge the hackers’ presence.
It’s unclear why My Cloud was down for so long, and what the hackers stole. Western Digital declined to offer any new comment. “This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities,” the company said on April 3.
However, TechCrunch spoke(Opens in a new window) to one of the hackers involved in the breach, who claims 10TB of company data was stolen, including information on customers.
The hacker says they asked Western Digital to pay at least an eight-figure sum or else the stolen data will be published online. However, TechCrunch notes the company appears to have shut down attempts by the hackers to negotiate a payment. It’s also important to note cybercriminals have every incentive to inflate or lie about their claims in order to pressure a company to pay up.
In the meantime, some Western Digital customers are demanding the company be more transparent about the breach and what might’ve been stolen. “We need to know what happened, have our details been compromised and what’s going to happen differently in future!?” wrote(Opens in a new window) one user on Facebook.
