Western Digital confirmed a security incident on its network earlier this month. However, it did not reveal much in terms of information as the investigation was still ongoing at the time. What is known is that the company shut down several of its systems as a result of the attack, including consumer cloud-based systems such as My Cloud. However, it is now known that 10 terabytes of data were stolen from Western Digital.
10 million data stolen from Western Digital!
By the way, it looks like one of the hackers involved in the attack told TechCrunch about the attack. It’s not uncommon for malware groups to contact the press; this is a strategy for many groups that try to pressure companies to pay ransoms. This gives popular websites and their readers an idea of what they have in their hands. In this way, they can increase exposure and convince companies to give in to their demands.
The hacker who the TechCrunch shared a file with the site that was digitally signed with a Western Digital certificate.
In addition, the hacker shared other information with TechCrunch, including non-public phone numbers of Western Digital executives and internal emails, files stored in a PrivateArk instance, and a screenshot of a group call with the person in charge . Western Digital’s information.
The hacker claims to have managed to download 10 terabytes of data from Western Digital’s network and connected accounts.
Meanwhile, the group, which said it has no fancy name, is asking for an 8-figure payment in exchange for not publishing the data publicly or selling it on the dark web. However, Western Digital did not respond to these revelations when contacted by TechCrunch.
Assuming the hackers are in possession of the data, there are quite a few scenarios as to what could happen. Western Digital can pay and expect the group to keep its word. You can also refuse to pay and prepare for the impact as best you can.
This will then include certificate revocation, extensive security assessments of their infrastructure, informing companies and customers of potential failures, and much more.
However, hackers can try to sell the data to interested parties, who can then use it for phishing, malware campaigns and other activities. It is not clear whether user data was copied.