Western Digital informs customers about hack (May 5, 2023)

Sicherheit (Pexels, allgemeine Nutzung)[German]At the beginning of April 2023, the hard drive manufacturer Western Digital had already admitted to a cyber incident in which data was stolen. In an email to customers as of May 5, 2023, the manufacturer informs its customers about this incident, which must have already taken place on or around March 26, 2023.


A review of the hack

The hard drive manufacturer Western Digital victim had admitted as of April 3, 2023, that it was the victim of a cyberattack (see my blog post Hard drive manufacturer Western Digital victim of cyber attack (March 2023)). According to the announcement, an unauthorized person was probably able to gain access to the internal IT networks as early as March of this year. The whole thing was noticed on March 26, 2023, which the company communicated in a message to the public. It said there that it was unclear whether data had been stolen.

At the same time, Western Digital services went down and users have been unable to access its MyCloud storage since early April 2023. In the blog post WWestern Digital hack: Attackers stole 10 terabytes, demand ransom, demand ransom, I reported in mid-April 2023 that the attacker or attackers informed Techcrunch that 10 terabytes of data had been siphoned off. The attacker demanded a ransom from Western Digital.

Customers get notified about the hack

As of May 5, 2023, Western Digital has now emailed customers who were logged into the Western Digital Store and once again dedicatedly informed them of this hack. A German blog reader sent me the mail (thanks for that).

Western Digital Kundeninformation über Hack 2023

There, it is admitted that the attacker had access to the online store's customer database on or about March 26, 2023. The database contained limited customer data such as customer name, billing and shipping addresses, email address and phone number. In addition, passwords and portions of credit card numbers were stored in the database. These were said to have been hashed and salted, according to Western Digital.


The vendor has therefore temporarily blocked access for accounts in the online store and also online purchases, but plans to make this feature available again in the week beginning May 8, 2023. Customers are urged to be extra cautious regarding unexpected messages asking for personal information or requesting it via website. Also, do not click on any links in suspicious emails and do not download any email attachments. Western Digital probably fears that victims of the hack are now also being attacked via phishing emails.

Bleeping Computer reported on May 1, 2023 here, that the ALPHV ransomware group (aka BlackCat) had now released screenshots of internal emails and video conferences. This means, Bleeping Computer suggests, that the hackers still had access to Western Digital systems.



Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *