Digital storage giant Western Digital confirmed that an “unauthorized third party” gained access to its systems and stole personal information belonging to the company’s online store customers.

“This information included customer names, billing and shipping addresses, email addresses and telephone numbers,” the San Jose-based company said in a disclosure last week.

“In addition, the database contained, in encrypted format, hashed and salted passwords and partial credit card numbers. We will communicate directly with impacted customers.”

The development comes a little over a month after Western Digital divulged a “network security incident” on March 26, 2023, prompting the company to take its cloud services offline.

A subsequent report from TechCrunch last month revealed that the threat actors behind the attack were allegedly in possession of “around 10 terabytes of data,” and were negotiating with Western Digital for a ransom of a “minimum 8 figures” to avoid leaking the information.

While the identity of the extortionists was unknown at the time, ALPHV (aka BlackCat) ransomware actors have since taken credit for the theft, issuing an ultimatum on April 18, 2023, to make the payment or risk the release of “important documents” and “priceless artifacts.”

The actors have also published various screenshots on their dark web portal, displaying what appears to be video calls, emails, and documents related to Western Digital’s incident response efforts in an attempt to indicate continued access to the company’s systems even after the hack came to light.

Western Digital said it’s aware of the publication of “other alleged Western Digital information,” that it’s “investigating the validity of this data,” and that it has “control over our digital certificate infrastructure.”

It has also taken the step of taking its online store offline, which it said is expected to be restored the week of May 15, 2023. Access to My Cloud service was restored on April 13, 2023.


Αφήστε ένα Σχόλιο

Το e-mail σας δεν δημοσιεύεται. Τα υποχρεωτικά πεδία σημειώνονται με *

Διαβάστε επίσης

Google: Το Flood Hub έρχεται στην Ελλάδα

Το Flood Hub επεκτείνεται σε 80 χώρες, συμπεριλαμβανομένης της Ελλάδας, παρέχοντας προβλέψεις έως και 7 ημέρες πριν από μια πλημμύρα, σε 460 εκατομμύρια ανθρώπους.

Πλαστές εφαρμογές Telegram και Signal κλέβουν τραπεζικά στοιχεία

Υπάρχει πιθανότητα να κατεβάσατε εφαρμογές που θεωρούσατε ότι είναι τα γνωστά app ανταλλαγής μηνυμάτων Signal και Telegram, αλλά να είναι πλαστές εφαρμογές με κακόβουλες προθέσεις.

Το νέο LOBSHOT malware παρέχει στους χάκερ κρυφή πρόσβαση VNC σε συσκευές Windows

Το νέο κακόβουλο λογισμικό LOBsHOT παρέχει στους χάκερ κρυφή πρόσβαση VNC σε συσκευές Windows.