Recent reports have revealed that hackers have breached Western Digital’s cloud-based software, MyCloud, and have demanded a ransom to release their captives – user data. After infiltrating their systems with the REvil ransomware, the criminals are reportedly demanding the tech giant to pay them off in exchange for the safe return of its customers’ sensitive information.
Western Digital has yet to publicly confirm what type of data was stolen from their systems, and exactly how much of it was taken. However, it is believed that personal information, such as usernames, passwords, payment card data, and address book contacts have been compromised.
The attack is a major setback for the company, especially considering their investments in security and the fact that they were recently rated as a “Secure-by-Design” organization by the Cloud Security Alliance (CSA). This indicates that they had taken extra precautionary steps to strengthen their systems and protect their users.
The cybercriminals appear to be exploiting weaknesses that were already present in the Vendor-Access Network Software (VANS) systems Western Digital had implemented. These same weaknesses may also have allowed hackers to infiltrate other vendors or even compromise customer’s accounts.
Though the company has since taken precautionary measures to enhance their security protocols, the damage has already been done. As such, Western Digital has urged customers to take their own steps to protect their data, such as monitoring their accounts for suspicious activity and changing their passwords.
Furthermore, the tech giant has warned customers to expect “phishing” scams, whereby cybercriminals send fake messages or emails claiming to be from Western Digital in order to steal information.
In conclusion, the recent attack against Western Digital is a stark reminder of the importance of security when dealing with sensitive data. The company has used the incident as an opportunity to bolster its systems. However, customers should also be taking extra steps to protect their information and remain vigilant against potential attacks.