• Sun. Oct 15th, 2023

The March Cyberattack Involved Hackers Stealing Client Data, According to Western Digital

Avatar photo

ByEsme Greene

Jul 2, 2023
Western Digital's March Cyberattack: Data Stolen
Esme Greene
Latest posts by Esme Greene (see all)

Late Friday afternoon, the business sent out emails warning of the data breach and informing clients that their personal information was contained in a Western Digital database that had been stolen.

“Based on the investigation, we recently learned that, on or around March 26, 2023, an unauthorized party obtained a copy of a Western Digital database that contained limited personal information of our online store customers,” Western Digital stated.

Client names, shipping and billing addresses, email addresses, and phone numbers were all contained in the data. That particular database kept hashed passwords (which were salted) and partial credit card details in encrypted form as a security precaution.

While they do their investigation, Western Digital has shut down its online store, which is currently showing a notice that reads, “We’ll be back soon: We are unable to process orders at this time.”

On May 15th, 2023, the corporation plans to reopen the store. Additionally, Western Digital cautions impacted consumers to be watchful for spear-phishing attempts, in which cyber actors pose as the organization and exploit the data they have obtained to collect more personal information from clients.

The Cyberattack on Western Digital.

Western Digital learned its network had been breached and corporate data had been taken on March 26th, the day after it had experienced a cyberattack. The business pulled down its cloud services for two weeks along with its mobile, desktop, and online applications in reaction to the attack.

According to TechCrunch, a “unnamed” hacker organization allegedly broke into Western Digital and took 10 gigabytes of data.

Although the attackers deny being a part of the ALPHV ransomware campaign, they extorted Western Digital via their data leak site, connecting them to the extortion ring in some way.

Threat actors mocked Western Digital in a message sent on April 28th by publishing images of stolen emails, documents, and programs that demonstrated they continued to have access to the company’s network despite being discovered.

The attackers also published an image of what seemed to be customer bills and claimed to have stolen a SAP Back Office database holding client information.

Since then, the threat actors have not disclosed any further information, presumably because they still intend to seek a ransom from Western Digital.

Avatar photo

Esme Greene

Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.