(416) 825-2120
info@veiliant.com
Free IT Assessment
  • About
  • Services
    • Fully Managed IT
    • Cloud Services
    • Software Development
    • Business Continuity
    • Cyber Security
    • Professional IT Consulting
  • Our Team
  • Blog
  • Contact
Remote Support

Western Digital Says Hackers Stole Customer Data in March Cyberattack

Posted on 14 May at 7:40 am

Western Digital has taken its store offline and sent customers data breach notifications after confirming that hackers stole sensitive personal information in a March cyberattack.

The company emailed the data breach notifications late Friday afternoon, warning that customers’ data was stored in a Western Digital database stolen during the attack.

“Based on the investigation, we recently learned that, on or around March 26, 2023, an unauthorized party obtained a copy of a Western Digital database that contained limited personal information of our online store customers,” Western Digital said.

“The information included customer names, billing and shipping addresses, email addresses, and telephone numbers. As a security measure, the relevant database stored, in encrypted format, hashed passwords (which were salted) and partial credit card numbers.”

Western Digital data breach notifications
Western Digital data breach notifications

Western Digital has taken its store offline while they continue investigating the incident, with the store now displaying a message stating, “We’ll be back soon: We are unable to process orders at this time.”

The company expects to restore access to the store on May 15th, 2023.

Western Digital also warns impacted customers to be vigilant against spear-phishing attacks, where threat actors impersonate the company and use the stolen data to gather further personal information from customers.

The Western Digital cyberattack

The data breach notification comes after Western Digital suffered a cyberattack on March 26th, when the company discovered its network was hacked and company data was stolen.

In response to the attack, the company shut down its cloud services for two weeks, along with mobile, desktop, and web apps.

TechCrunch reported that an “unnamed” hacking group breached Western Digital, claiming to have stolen ten terabytes of data.

While the threat actors claim not to be part of the ALPHV ransomware operation, they used their data leak site to extort Western Digital, linking them in some manner to the extortion gang.

In a note published on April 28th, the threat actors taunted Western Digital by releasing screenshots of stolen emails, documents, and applications that showed they still had access to the company’s network even after being detected.

The hackers also claimed to have stolen an SAP Backoffice database containing customer information and shared a screenshot of what appears to be customers’ invoices.

Since then, no further data was released by the threat actors, likely indicating that they are still extorting Western Digital in the hopes of receiving a ransom demand.

Previous Post
Microsoft Patches Bypass for Recently Fixed Outlook Zero-click Bug
Next Post
Hackers Target WordPress Plugin Flaw After PoC Exploit Released

Recent Posts

  • Microsoft 365 Phishing Attacks Use Encrypted RPMSG Messages May 31, 2023
  • Canadian Nurses Association Hit by Cyber Attack May 31, 2023
  • QBot Malware Abuses Windows WordPad EXE to Infect Devices May 27, 2023
  • Hackers Target Vulnerable WordPress Elementor Plugin After PoC Released May 27, 2023
  • Mozilla Stops Firefox Fullscreen VPN Ads After User Outrage May 26, 2023

Categories

  • Cybersecurity (165)
  • Machine Learning (1)
  • News (98)
  • Robotic Process Automation (4)

Partners and Affiliates

Manufacturers matter. We partner with industry leaders that focus on business technology solutions. Let us help you find the right fit for your organization. Our partners offer great support, education, and benefits that we pass down to our clients.

 

About Us

Veiliant Inc. is a Managed Service Provider that offers many flexible services. We strive to meet the growing demand for computer support services needed for business success.

Veiliant has a proactive approach to help create innovative solutions devised  with your business goals in mind.

Our Services

  • Fully Managed IT
  • Cloud Services
  • Software Development
  • Business Continuity
  • Professional IT Consulting
  • Cyber Security

Related Links

  • FAQ
  • Privacy Policy

Contact Information

5155 Spectrum Way, Unit 1, Mississauga, ON, L4W 5A1
(416) 825-2120

Customer Support

  • Remote Support
  • Free IT Assessment

© 2023 Veiliant Inc. All rights reserved.