Hackers that breached Western Digital (opens in new tab)’s (WD) techniques and stole delicate information in late March 2023 have posted a collection of screenshots of inside emails and different firm communication which they are saying exhibits WD’s poor efforts to handle the incident.
Cybersecurity researcher Dominic Alvieri found a complete of 29 screenshots displaying emails, paperwork, and video conferences, all associated to the actions WD took following the breach.
Whereas one may assume that the hackers nonetheless have entry to WD’s techniques and are taunting them this manner, that doesn’t essentially must be the case. Often, the very first thing an organization would do after discovering a knowledge breach is attempt to learn the way the hackers made their means inside and block the doorway. So, a while could cross between detecting a breach and responding to it, which may very well be the window throughout which the hackers grabbed these screenshots.
Leaking information to the press
One of many screenshots exhibits a “media holding assertion”, and one other one exhibits staff allegedly leaking details about the breach to the media.
In late March this 12 months, unnamed risk actors breached Western Digital’s techniques and stole 10TB of delicate information. They didn’t encrypt the endpoints, and declare to haven’t any affiliation with any of the present ransomware teams, however after the breach, a message appeared on the ALPHV (BlackCat) leak website concerning the incident.
Western Digital was urged to pay the ransom instantly, or threat getting damage till they “can’t stand anymore”.
The hackers shared snippets of stolen info with TechCrunch, which confirmed recordsdata signed with WD’s code-signing keys, unlisted telephone numbers, and screenshots of inside information. None of this may very well be independently verified, the media stated.
To deal with the breach, WD was compelled to close down its cloud companies for 2 weeks, irritating customers of My Cloud, My Cloud Residence, My Cloud Residence Duo, My Cloud OS 5, SanDisk ibi, and SanDisk Ixpand Wi-fi Charger.
Western Digital didn’t touch upon the leaked screenshots.
By way of: BleepingComputer (opens in new tab)