Hackers that breached Western Digital’s (WD) systems and stole sensitive data in late March 2023 have posted a series of screenshots of internal emails and other company communication which they say shows WD’s poor efforts to address the incident.
Cybersecurity researcher Dominic Alvieri discovered a total of 29 screenshots showing emails, documents, and video conferences, all related to the actions WD took following the breach.
While one might think that the hackers still have access to WD’s systems and are taunting them this way, that doesn’t necessarily have to be the case. Usually, the first thing a company would do after discovering a data breach is try to learn how the hackers made their way inside and block the entrance. So, some time may pass between detecting a breach and responding to it, which could be the window during which the hackers grabbed these screenshots.
Leaking info to the press
One of the screenshots shows a “media holding statement”, and another one shows employees allegedly leaking information about the breach to the media.
In late March this year, unnamed threat actors breached Western Digital’s systems and stole 10TB of sensitive data. They didn’t encrypt the endpoints, and claim to have no affiliation with any of the current ransomware groups, but after the breach, a message appeared on the ALPHV (BlackCat) leak site about the incident.
Western Digital was urged to pay the ransom immediately, or risk getting hurt until they “cannot stand anymore”.
The hackers shared snippets of stolen information with TechCrunch, which showed files signed with WD’s code-signing keys, unlisted phone numbers, and screenshots of internal data. None of this could be independently verified, the media said.
To tackle the breach, WD was forced to shut down its cloud services for two weeks, frustrating users of My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS 5, SanDisk ibi, and SanDisk Ixpand Wireless Charger.
Western Digital did not comment on the leaked screenshots.
- Check out the best firewalls right now