Western Digital has temporarily shut down its stores and disseminated data breach notifications after confirming a cybercriminal incident in its systems, resulting in data loss. Based on reports, the data breach occurred in March, allowing hackers to steal sensitive personal information.
The notification letter sent by the company explained that their investigation revealed unauthorised infiltrators breached their systems last March 26, 2023. The hackers also acquired a copy of a Western Digital database containing limited personal information about their online market.
The confirmed stolen data includes names, email addresses, billing and shipping addresses, and phone numbers. The company claimed they could revert their standard access in the coming days.
They have warned affected users regarding spear-phishing campaigns since threat groups impersonate the concerned company and leverage the stolen data to collect additional customer details.
The Western Digital company immediately took down their online services to mitigate the impact of the March cyberattack.
The data breach notification from Western Digital rolled out immediately after confirming the attack and identifying the data loss. In addition to the company’s initial response, its team shuts down its cloud services and desktop, mobile, and web applications for a few weeks.
A cybersecurity research group reported an unnamed threat group that breached Western Digital, claiming to have stolen troves of data. The researchers claimed that the lost data reached about ten terabytes.
The threat actors used a data leak website to extort Western Digital despite claiming they were not a part of the BlackCat ransomware operation. However, the extortion tactic has implied that the groups could have relations.
The malicious group has also provoked the affected company by publishing screenshots of stolen data such as emails, applications, and documents to show that they still have access to the company’s network despite the recent detection.
The attackers also claimed they had stolen an SAP Backoffice database containing customer information and shared a screenshot containing customer invoices. The group has yet to release further data, indicating that they still use extortion tactics to threaten Western Digital.
