The business claimed in a press statement that on March 26 it discovered “a network security incident” in which hackers “gained access to a number of the Company’s systems.”
In a statement, Western Digital stated that it has “confirmed” that hackers had “obtained a copy of a Western Digital database used for our online store that contained some personal information of our online store customers” after consulting with “outside forensic experts.”
The stolen information included “customer names, billing and shipping addresses, email addresses, and telephone numbers,” in addition to “passwords and partial credit card numbers” that were encrypted, hashed, and salted.
This method hides the original plaintext data and makes it much more difficult for hackers to actually see the real passwords and partial credit card numbers. Additionally, the business informed those harmed regarding the hack. The message Western Digital emailed him, which corresponds to the messages in previous publications, was shared by a client with TechCrunch.
Cyber Attacks and How to Prevent Them
Additionally, the business advised victims to take precautions to safeguard themselves, such as being “cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information,” refraining from tapping on links or installing files from “suspicious emails,” and ensuring that their email accounts have spam settings that can help them recognize and block “suspicious emails.”
When asked how many customers were impacted, Western Digital spokeswoman Charlie Smalling declined to answer and referred to the update released on Friday. On April 3, Western Digital disclosed that the company had experienced a data breach, but did not specify the scope of the attack or the specific data that had been taken.
One of the attack’s hackers later disclosed to TechCrunch that the 10 gigabytes of stolen data contained consumer information. The hackers were attempting to blackmail the business into committing not to release the stolen data at the time.
These requests apparently went unanswered because the hackers continued and posted part of the stolen material on the Alphv ransomware gang’s website. The hackers announced that they would “share leaks every week until we lose interest” in a post on April 28.
The breaches would include “code signing certificates, firmware, personally identifiable information of customers, and more.” It seems the hackers haven’t yet released the entire cache of stolen information.