Uber investigates security breach of its internal systems

Hackers who hit Western Digital are now demanding ransom for data

Posted on

The cybercriminals that hit storage maker Western Digital Corp. in a network breach earlier this month have returned to demand ransom for stolen data, which includes customer information. The hackers have claimed the theft of over 10 terabytes of data and are seeking “a minimum 8 figures” to not leak sensitive information.

Western Digital disclosed that it fell victim to a “network security incident” on April 3 in which threat actors gained entry to its internal network. At the time, the company did not reveal what systems were affected or what data might have been struck except to say, “the company believes the unauthorized party obtained certain data from its systems.”

The attack led to a service outage that affected numerous parts of Western Digital’s consumer-facing cloud services for storage devices including My Cloud, My Cloud Home which locked them out of their data and in some cases devices. Those services are now restored.

Western Digital has yet to give any details from its investigation as to what systems or data were affected by the intrusion.

One of the hackers claiming to have hit Western Digital’s systems spoke with TechCrunch on Thursday and claimed to have stolen over 10 terabytes of data from the company. The hacker also shared a file with the news site, which was signed with a security certificate associated with the company that was authenticated.

To further prove that they had infiltrated the company’s systems, the hacker also provided a series of phone numbers that included two that belonged to Western Digital executives and screenshots of a group call that included the company’s chief information security officer.

According to TechCrunch, the hackers say that they have attempted to contact Western Digital in order to offer the ransom, but the company has not listened. “I want to give them a chance to pay but our callers […] they have called them many times. They don’t answer and if they do they listen and hang up,” the hacker said.

The hacker did not reveal what kind of customer data was stolen or how they broke into the network. Equally baffling is that the hacker did not give a name for their group, instead saying that they do not go by any name.

If Western Digital fails to respond to their demands, the hacker said that the group will begin publishing the leaked data on the website of the ransomware group Alphv, also known as BlackCat.

Image: TheDigitalArtist/Pixabay

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *