Western Digital has announced a data breach that occurred in March 2023 which has exposed sensitive personal information of its customers. The company disclosed that an unauthorized third party gained access to multiple systems as a result of a ransomware attack.
The incident led to the shutdown of several Western Digital services, including My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, and SanDisk Ixpand Wireless Charger.
The compromised database contained limited personal information of Western Digital’s online store customers, including names, billing and shipping addresses, email addresses, and telephone numbers. The company noted that the database stored hashed and salted passwords and partial credit card numbers in encrypted format.
Western Digital has suspended online store account access and the ability to make online purchases as a security measure, with plans to restore access by the week of May 15, 2023.
The company is working with leading forensic and security experts to investigate the extent of the incident, and is coordinating with law enforcement authorities. Western Digital has issued data breach notification letters to its affected customers, advising them to be cautious of any unsolicited communications that ask for their personal information or refer them to a web page asking for personal information.
Customers are recommended to avoid clicking on links or downloading attachments from suspicious emails.
The threat actors behind the ransomware attack are reportedly threatening to leak the stolen data and are using the leak site of the ALPHV ransomware group.
The group claimed to have obtained a full backup of Western Digital’s SAP Back Office, which dates back to the last week of March, and suggested that the breach was discovered the next day, resulting in the cancellation of their SAP contract.
