Western Digital confirms customer data stolen in cyberattack

Western Digital says in an electronic mail to prospects that “buyer names, billing and transport addresses, electronic mail addresses and cellphone numbers” had been stolen within the March cyberattack. The webshop, which was closed as a precaution, might be on-line once more from subsequent week.

The e-mail from Western Digital (courtesy of JJDN)

In response to Western Digital, the database, which an “unauthorized get together” obtained a replica of, additionally contained salted password hashes and partially encrypted bank card numbers from prospects of the online retailer. The storage producer warns prospects that they might obtain unsolicited messages asking for private data, or they might obtain suspicious emails. Western Digital expects to have the ability to restore entry to the online retailer within the week of Might 8. It’s not talked about whether or not and what Western Digital has modified within the meantime to the providers to make them safer.

Western Digital reported in early April that the corporate was a sufferer of a cyber assault, though it didn’t present particulars about the reason for the hack and the captured information. The storage producer took the webshop and My Cloud storage service offline ‘as a precaution’, however entry to the latter was reopened a couple of week and a half later. Nonetheless, the webshop remained closed.

In mid-April, a hacker claimed 10TB of firm information stolen to have. He mentioned he stole buyer information, phone numbers and inner e-mails, amongst different issues. He additionally claimed to nonetheless have entry to Western Digital’s inner community on the time. The hacker needed “an eight-figure quantity” from the corporate and mentioned in any other case to leak information. later shared a hacker group alleged inner footage of video calls between Western Digital staff discussing the cyberattack. This implies that the hackers nonetheless had entry to Western Digital methods after the preliminary assault. The corporate has not commented on the hackers’ claims and the leaked video.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.