A hacker who stole a large amount of data including customer information from Western Digital demanded a ransom of ``minimum over 1.3 billion yen''



On Monday, April 3, 2023 local time,

Western Digital , a major storage company, was hacked, and services such as the cloud service `` My Cloud '' were temporarily down. The hacker who launched this attack claimed to have stolen a large amount of data, including customer information, and reportedly demanded a ransom of at least $10 million (about 1.3 billion yen) from Western Digital. It is

Hackers claim vast access to Western Digital systems | TechCrunch
https://techcrunch.com/2023/04/13/hackers-claim-vast-access-to-western-digital-systems/



After 10 Days, Western Digital's My Cloud Finally Restored Following Hack | PCMag
https://www.pcmag.com/news/after-10-days-western-digitals-my-cloud-finally-restored-following-hack

According to Western Digital, a 'network security incident' in which a hacker compromised the company's network was identified on March 26, confirming that multiple corporate systems were compromised. In response, Western Digital enlisted the assistance of outside security and legal experts to launch an investigation and take protective measures to take systems and services offline. Services such as My Cloud were down.

Western Digital receives a cyber attack and services such as 'My Cloud' are down for more than 24 hours - GIGAZINE



'Based on our investigations to date, we believe that someone has obtained certain data fraudulently from our systems, and we are working to understand what that data was,' Western Digital said in a statement. but did not disclose the details of the data stolen by the hackers.

On Thursday, April 13, local time, 10 days after the hacking report, Western Digital reported that My Cloud was restored.



However, one of the hackers contacted tech media TechCrunch, stating that they stole about 10 TB of data, including a large amount of customer information, from Western Digital and demanded a ransom of 'minimum $ 10 million'. That's right.

According to TechCrunch, hackers shared a file signed with a ``Western Digital code signing certificate '' to prove their claims, and said that it was possible to impersonate Western Digital. Two security researchers also reviewed the file and confirmed that it was indeed signed with a Western Digital certificate.

The hackers also shared the phone numbers of several Western Digital executives. TechCrunch was only forwarded to the voice message service over these phone numbers, but two phone numbers said that voice messages with the executive's name were played. In addition, these phone numbers were not open to the public.

In addition, the hacker took screenshots of ``Western Digital's internal emails,'' ``files stored in web services that employees are believed to be using,'' and ``group chats attended by Western Digital's chief information security officer.'' TechCrunch In addition to sharing with, he claims that he also stole data managed by the e-commerce platform and SAP .



It seems that the hacker used ransomware to encrypt Western Digital's files and demanded a ransom, but Western Digital did not respond to ransom negotiations. The hacker said, ``I want to give Western Digital a chance to pay the ransom, but no matter how many times I call, they hang up without answering.''

The hackers also claim they are sending emails to personal email addresses held by several executives, demanding a 'one-time payment,' because Western Digital's email system is down. increase. In emails sent to executives, the hackers said they were still lurking in Western Digital's network and could do lasting harm whenever they wanted to. On top of that, 'If you continue this way, we will retaliate.' It's about trying to solve complex scenarios.'

The hackers told TechCrunch that they targeted Western Digital by chance, and declined to provide details of customer data or hacking methods. If Western Digital does not respond to ransom negotiations, it plans to publish the data on the Ransomware Gang

Alphv website. Hackers say their group does not have a specific name and is not directly affiliated with Alphv, but he said, 'I know Alphv is a professional.'

Western Digital spokesperson Charlie Smalling declined to answer TechCrunch questions about how much data was stolen, whether there was customer data, and whether the company had been in contact with hackers.

Technology media PCMag said, ``Cybercriminals have motives to exaggerate claims or lie to force companies to pay,'' said the hacker's allegations. I pointed out that I just couldn't believe it.



in Web Service,   Security, Posted by log1h_ik