Western Digital has reported a network breach.
Some systems remain offline, and the data storage company says that the hacker was able to steal some company data. The full scope of the data breach remains unclear. Some users of the company’s My Cloud storage service have reported that they haven’t been able to access the service.
Western Digital has launched all its incident response protocols, hired external security experts, and is coordinating with law enforcement.
What to Know About the Western Digital Hack
The breach happened a week ago, though it was not public until Western Digital’s disclosure today. In their press release, the company doesn’t explain the specifics of how the hacker breached the data.
The company has explained a little bit about what steps it has taken to address the issue:
“Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts.”
It’s unclear how much data the hacker accessed. However, the breach appears to have affected a number of the company’s network attached storage (NAS) devices, including My Cloud, My Cloud Home, My Cloud Home Duo, and My Cloud OS5, as well as SanDisk ibi and SanDisk Ixpand Wireless Charger.
The login service for WD My Cloud Home is unavailable. Thank you @westerndigital for not letting me access my data that I have in the living room pic.twitter.com/u0gjlh8ssi
— Alejandro Lorente (@jalc_79) April 2, 2023
Non-working services include cloud, proxy, web, authentication, emails, and push notification services, IT Pro reports. Western Digital says it will post another update soon.
Staying Safe Online
While the specifics aren’t known yet for this latest attack on a data storage company, it’s safe to say that times are hard for anyone trying to keep their data safe. If you aren’t worrying about your own data security habits, you’re dealing with the potential exposure that any other service may leave you open to, should that third-party service be breached itself.
The data storage operations are on their own, but we can help you with your own online footprint: Use two-factor authentication when you can, don’t re-use passwords, make your passwords really long, and double check any email you get to see if they might be phishing attempts.
Arming yourself with a few tech security tools can help too: We recommend a VPN and a password manager.